Debian 10262 Published by

Updated xulrunner/squid3 packages are available for Debian GNU/Linux to address several vulnerabilities



[SECURITY] [DSA-2106-2] New xulrunner packages fix regression
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2106-2 security@debian.org
http://www.debian.org/security/ Stefan Fritsch
September 19, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : xulrunner
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-2760 CVE-2010-2763 CVE-2010-2765 CVE-2010-2766 CVE-2010-2767 CVE-2010-2768 CVE-2010-2769 CVE-2010-3167 CVE-2010-3168 CVE-2010-3169

DSA-2106-1 introduced a regression that could lead to an application
crash. This update fixes this problem. For reference, the text of
the original advisory is provided below.

Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the following problems:

- - Implementation errors in XUL processing allow the execution of
arbitrary code (CVE-2010-2760, CVE-2010-3167, CVE-2010-3168)

- - An implementation error in the XPCSafeJSObjectWrapper wrapper allows
the bypass of the same origin policy (CVE-2010-2763)

- - An integer overflow in frame handling allows the execution of
arbitrary code (CVE-2010-2765)

- - An implementation error in DOM handling allows the execution of
arbitrary code (CVE-2010-2766)

- - Incorrect pointer handling in the plugin code allow the execution of
arbitrary code (CVE-2010-2767)

- - Incorrect handling of an object tag may lead to the bypass of cross
site scripting filters (CVE-2010-2768)

- - Incorrect copy and paste handling could lead to cross site scripting
(CVE-2010-2769)

- - Crashes in the layout engine may lead to the execution of arbitrary
code (CVE-2010-3169)


For the stable distribution (lenny), the problem has been fixed in
version 1.9.0.19-5. The packages for the mips architecture are not
included in this update. They will be released as soon as they become
available.

We recommend that you upgrade your xulrunner packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz
Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-5.dsc
Size/MD5 checksum: 1755 ec1bbbbd68484fd56658004d35660079
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-5.diff.gz
Size/MD5 checksum: 163246 2c2544dd4c410435fa0c80a337471b3f

Architecture independent packages:

http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-5_all.deb
Size/MD5 checksum: 1482996 863ccb72f1a414ed13bd27405afba771

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 164820 a3c3627598bfccbd464b12afc9fd1518
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 51198504 3d8d5f458c570c8a269865747845b000
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 72756 d7d444c19f110c887596e8c6c1a52aaf
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 433826 32e8706fe2a306c1f9908a620246c83a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 223118 90e749bb96774053f296271a5b8eb0ba
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 9506608 5026aba96d3ace32f1c178fc94316eee
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 3656240 9b19520d0180d224d4df695d22c9df23
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 939550 e33c90da76aba433f506bac4852f8590
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_alpha.deb
Size/MD5 checksum: 113604 6e3ab285138ff64e0a4899cb827c6f2f

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 50443192 60952c4d1272b7d54a4b35598d9da9d8
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 102114 2630d71984e9c30fa2746f456a796cd2
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 70732 48884179fb002f92523ce7bfd6798084
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 223858 b6eb38fe9289d8833d543b82fe4bfb5a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 889010 4dd57cef68b3d1c79b5f59d454b9bef6
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 375468 ecf7e48691e5c25d2bc0c595e6c36cfe
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 151934 6ee561d1343bf016cd414f06a94f3e60
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 7760866 3c73945a0610ccea86c76196a7c79f34
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_amd64.deb
Size/MD5 checksum: 3599590 64eb9e9b0251431bf01cd2e60a9785d0

arm architecture (ARM)

http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_arm.deb
Size/MD5 checksum: 141014 fb1255ccb4e5646300e8bba498660ad5
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_arm.deb
Size/MD5 checksum: 3585712 ad72df20198c5cc79e337f8507c6c48a
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_arm.deb
Size/MD5 checksum: 6805246 abd81f6ced5c7299fc8a05f2c3520ce1
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_arm.deb
Size/MD5 checksum: 351212 60d0055ecad06c8c9d9f59d06e17e9bb
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_arm.deb
Size/MD5 checksum: 222458 c7c114018b7e0268f14943426f60d94f
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_arm.deb
Size/MD5 checksum: 68642 af773dca5a82c3aa0abf27e681d8a90d
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_arm.deb
Size/MD5 checksum: 815538 d73b178e2767270be079bdc5e4cecfcc
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_arm.deb
Size/MD5 checksum: 84322 29e52b125176656f5c9c8664a44be1ad
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_arm.deb
Size/MD5 checksum: 49392796 1349ace1f4f196b056477933b85d6d16

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_armel.deb
Size/MD5 checksum: 223806 d06a0dde42603edc4b089d0ce834b8e9
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_armel.deb
Size/MD5 checksum: 823636 e997a585134758bec02c21f18618ea3a
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_armel.deb
Size/MD5 checksum: 84804 9bbdb55e360c737904982ff43f97974c
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_armel.deb
Size/MD5 checksum: 353696 74dedf4e35b293c7f5b22995ba3c5de4
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_armel.deb
Size/MD5 checksum: 50230536 6851612699cfc0ec0a7877b5b630f167
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_armel.deb
Size/MD5 checksum: 143112 3bdc142df48c7ec431231144bcb158c5
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_armel.deb
Size/MD5 checksum: 70792 5984352da6eabbbf441b0b33bf9d2fe5
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_armel.deb
Size/MD5 checksum: 6964468 b84c83530e8a6d3ca2624d90114963f0
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_armel.deb
Size/MD5 checksum: 3574352 35effd484fe142a5ff6a68cd1e77734d

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 3634146 ddeaa56c11874081d665a76fcd94a874
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 158850 f616289ae7a428592b161d18e2d0e0c1
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 9526792 0228e4b668c53522396fe7a879fe9344
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 413666 e33c363476788bdd36a467167614f3ea
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 107082 0b890dc85fbe833ffd677d93ed46a945
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 223694 90eb5dc6be20d6b8b92479c2bd3664b2
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 899588 99c6840d251b6af4674eb8a5b10cd8b9
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 51324268 91f3a8d45df03a071b906f5df3f77e3e
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_hppa.deb
Size/MD5 checksum: 72370 d284cc5ccc8128047be7ca47abccb8c3

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_i386.deb
Size/MD5 checksum: 143310 9a7235f534fefb69f7b2be82acb46aa1
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_i386.deb
Size/MD5 checksum: 6609704 5eb43fd05f98fb11d5b4d26924cd6198
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_i386.deb
Size/MD5 checksum: 223422 15262b4fd94836bbe5a33ffcada84e65
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_i386.deb
Size/MD5 checksum: 852190 24a8f292a796fd0dbf178c951b6c8797
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_i386.deb
Size/MD5 checksum: 69116 964e42537f3de906a65ea049ae93fd97
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_i386.deb
Size/MD5 checksum: 81330 583d92d9026ca84223c80df6ce0419a3
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_i386.deb
Size/MD5 checksum: 3575548 7591d4af2fd13d969b484f751ca27baa
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_i386.deb
Size/MD5 checksum: 352020 553e33e939ebcc65f320f1fa44459de8
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_i386.deb
Size/MD5 checksum: 49616804 d4bd40f509bde790d9a1496d58f76aae

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 49784610 819c0fb5c9e61445df68418861d18aeb
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 3394160 9ed835ee648c8c39a66dbfca60787b74
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 543660 f7729004b29834e49b3fecc5c4ba78a8
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 11324396 30bf87d7d8ceccc28ec6d1b6e8d1763b
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 179800 265a2fb2ca46bd076dfa714d9d27426e
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 810292 d365624d16016c78f3048a2dffa62437
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 120916 c04818031093fe58b5ae7bfd3a5f427c
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 223416 6511f9967275910e0e7928d6946e3cfd
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_ia64.deb
Size/MD5 checksum: 76616 5292b0ac5fa70ad678c2da2c7a80ac75

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 145414 4c77ca84405c99f3688e8bcbbdcbdc60
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 379210 a7b57c21209f463e1f0295a56765350e
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 97122 c249f8d3b4519f499439e038f8f2bb15
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 70238 c6ad278886d71e66c774d7cd47d1d00c
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 50083906 d079c502ff5ab7e2184cd9c3f1f582f1
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 3311894 38b26f3d288dc85dd10a9e1b34bf0fb5
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 223502 8d0ab93b30d1a6880d3773d70b474e4e
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 7388242 dfbaa496f48603caac48a284b883ca57
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_mipsel.deb
Size/MD5 checksum: 900806 68b13018bf5527dd532efceb785c07df

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 73748 c330f71b1a6e75a98b0f3fa5d0439192
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 3594420 7c54a9da185e7e193abf1b0ceb37f0f1
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 152940 883c7de6b6fba1916948385bfe030146
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 51508410 bb327b6a0865f0883030382ee4e56050
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 363872 00a741c6ce8275f12815e8c373961976
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 888786 888f3870be50d529586460a648804a9f
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 223532 2583d5146e6856576fc3355b395dfbc6
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 94742 cee4a1f0b7e5cedf03d75acb92b4679f
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_powerpc.deb
Size/MD5 checksum: 7309892 d0588dfa2fe63a6397d8033524b2870a

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_s390.deb
Size/MD5 checksum: 105788 b065b0c1ba3e0cd839774e790be58a20
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_s390.deb
Size/MD5 checksum: 3609554 d80b0042f3e7cc4f65a11f53fe856d15
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_s390.deb
Size/MD5 checksum: 155508 aa45cb4161e0c6573fcd6e1c1fc1c36d
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_s390.deb
Size/MD5 checksum: 51294436 a9f0b8992072d1487574afe97962b951
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_s390.deb
Size/MD5 checksum: 407614 ef15b5a9710bfb20c7cfbe1ca65fdf46
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_s390.deb
Size/MD5 checksum: 73598 b57c45bee450ad88ec60b5e037dd9ca6
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_s390.deb
Size/MD5 checksum: 223288 05e1142586111744ad914ef12150ae73
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_s390.deb
Size/MD5 checksum: 8424762 87f042255337202e79e925d26571a980
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_s390.deb
Size/MD5 checksum: 909526 4f70ff65f8d75061dea60cc60af869ce

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 224296 0e82aa025c4c256c3ade6c0afc76face
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 821936 f14a59155733ec84b9236855457e4981
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 3573228 5961930615833a0a8d300c61e96260ed
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 49457542 2a2806ce2b8d24bbcd78d8688444b906
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 69666 c71d3e4f66f2031023545c2547499f96
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 350670 13aa3e96c2a1a63b0419e418edc2c090
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 7184996 1bc558d8098271a45d800620fb342cd3
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 88594 7c06dc1c0e1aea265f8d134b3857c65f
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-5_sparc.deb
Size/MD5 checksum: 143876 9cc35582879150b02736b50f8478f4a9


These files will probably be moved into the stable distribution on
its next update.
[SECURITY] [DSA 2111-1] New squid3 packages fix denial of service
- ------------------------------------------------------------------------
Debian Security Advisory DSA-2111-1 security@debian.org
http://www.debian.org/security/ Steffen Joeris
September 19, 2010 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : squid3
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE Id : CVE-2010-3072
Debian Bug : 596086

Phil Oester discovered that squid3, a fully featured Web Proxy cache, is
prone to a denial of service attack via a specially crafted request that
includes empty strings.


For the stable distribution (lenny), this problem has been fixed in
version 3.0.STABLE8-3+lenny4.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 3.1.6-1.1.


We recommend that you upgrade your squid3 packages.


Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4.diff.gz
Size/MD5 checksum: 20699 8660e684fab99044d17ee435cd8718d9
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4.dsc
Size/MD5 checksum: 1193 c301ce03c043f892a1dab392b82f5454
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8.orig.tar.gz
Size/MD5 checksum: 2443502 b5d26e1b7e2285bb60cf4de249113722

Architecture independent packages:

http://security.debian.org/pool/updates/main/s/squid3/squid3-common_3.0.STABLE8-3+lenny4_all.deb
Size/MD5 checksum: 289406 954e5536f90c542c1fc7300fc9a6ad0e

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4_alpha.deb
Size/MD5 checksum: 1120516 88adcda5d0b2ba1fb27341af183faaa3
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny4_alpha.deb
Size/MD5 checksum: 90722 e6148340f94c9f0de77a9e944c294550
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny4_alpha.deb
Size/MD5 checksum: 94334 014271407be72d360f5ca0d4f483defe

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny4_amd64.deb
Size/MD5 checksum: 89072 0c3df278512da844a33cc3e4294f0860
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny4_amd64.deb
Size/MD5 checksum: 92634 13a26c111e3344c2e0bc2da0291c0b26
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4_amd64.deb
Size/MD5 checksum: 1008578 55e7a138a3cf2ac850757bdb3dc80d65

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4_i386.deb
Size/MD5 checksum: 934274 393c4a46b784cd36422a8ccfc070408a
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny4_i386.deb
Size/MD5 checksum: 87314 a548078782994991585417158ef64fe6
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny4_i386.deb
Size/MD5 checksum: 91310 2d82131a6dad26f5879bb8fa9e25d2cc

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny4_ia64.deb
Size/MD5 checksum: 92964 6e491b0751864bd35bb6d4b56d5542cb
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny4_ia64.deb
Size/MD5 checksum: 98848 1558483cfd3e776565be1198fb24c0d5
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4_ia64.deb
Size/MD5 checksum: 1490318 0801807239c83c712ffbdf7b1cece4dc

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4_mipsel.deb
Size/MD5 checksum: 1072524 e46d21e7e0d678862ce9ff5eaa7dc5fc
http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny4_mipsel.deb
Size/MD5 checksum: 89806 5b58f3fb903ea2b59c84c4767b514467
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny4_mipsel.deb
Size/MD5 checksum: 92598 2dfaf08406175c6efd82ea35487ba351

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny4_powerpc.deb
Size/MD5 checksum: 88884 d98ff3725a7c748f67291492813bce1b
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4_powerpc.deb
Size/MD5 checksum: 1052784 8ddaa8519cd9ee9d0fe8c7ecdb5d3cf3
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny4_powerpc.deb
Size/MD5 checksum: 93972 42a71d648753fde2326f0a3484dcce12

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/s/squid3/squidclient_3.0.STABLE8-3+lenny4_sparc.deb
Size/MD5 checksum: 88982 42b7ddedbb9b3db1d90e3f6163e42907
http://security.debian.org/pool/updates/main/s/squid3/squid3_3.0.STABLE8-3+lenny4_sparc.deb
Size/MD5 checksum: 960398 95ef7e35738a0313638d489d564f2bc2
http://security.debian.org/pool/updates/main/s/squid3/squid3-cgi_3.0.STABLE8-3+lenny4_sparc.deb
Size/MD5 checksum: 92698 277974f1c19628125cdf4ceb80456b4d


These files will probably be moved into the stable distribution on
its next update.