USN-149-3: Ubuntu 4.10 update for Firefox vulnerabilities

Releases

• Ubuntu 4.10

Details

USN-149-1 fixed some vulnerabilities in the Ubuntu 5.04 (Hoary
Hedgehog) version of Firefox. The version shipped with Ubuntu 4.10
(Warty Warthog) is also vulnerable to these flaws, so it needs to be
upgraded as well. Please see

http://www.ubuntulinux.org/support/documentation/usn/usn-149-1

for the original advisory.

This update also fixes several older vulnerabilities; Some of them
could be exploited to execute arbitrary code with full user privileges
if the user visited a malicious web site. (MFSA-2005-01 to
MFSA-2005-44; please see the following web site for details:
http://www.mozilla.org/projects/security/known-vulnerabilities.html)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 4.10

• mozilla-firefox -
• mozilla-firefox-locale-es -
• mozilla-firefox-locale-ja -
• mozilla-firefox-locale-ca -
• mozilla-firefox-locale-uk -
• mozilla-firefox-locale-de -
• mozilla-firefox-locale-nb -
• mozilla-firefox-locale-it -
• mozilla-firefox-locale-tr -
• mozilla-firefox-locale-fr -
• mozilla-firefox-locale-pl -

In general, a standard system update will make all the necessary changes.

References

• CVE-2004-1156
• CVE-2004-1381
• CVE-2005-0141
• CVE-2005-0142
• CVE-2005-0143
• CVE-2005-0144
• CVE-2005-0145
• CVE-2005-0146
• CVE-2005-0147
• CVE-2005-0150
• CVE-2005-0230
• CVE-2005-0231
• CVE-2005-0232
• CVE-2005-0233
• CVE-2005-0255
• CVE-2005-0399
• CVE-2005-0401
• CVE-2005-0402
• CVE-2005-0578
• CVE-2005-0584
• CVE-2005-0585
• CVE-2005-0586
• CVE-2005-0587
• CVE-2005-0588
• CVE-2005-0589
• CVE-2005-0590
• CVE-2005-0591
• CVE-2005-0592
• CVE-2005-0593
• CVE-2005-0752
• CVE-2005-0989
• CVE-2005-1153
• CVE-2005-1154
• CVE-2005-1155
• CVE-2005-1156
• CVE-2005-1157
• CVE-2005-1158
• CVE-2005-1159
• CVE-2005-1160
• CVE-2005-1531
• CVE-2005-1532
• CVE-2005-1937
• CVE-2005-2260
• CVE-2005-2261
• CVE-2005-2262
• CVE-2005-2263
• CVE-2005-2264
• CVE-2005-2265
• CVE-2005-2266
• CVE-2005-2267
• CVE-2005-2268
• CVE-2005-2269
• CVE-2005-2270

Related notices

• USN-157-1: mozilla-thunderbird, mozilla-thunderbird-enigmail
• USN-124-1: mozilla-firefox, mozilla-browser
• USN-155-1: mozilla-browser, mozilla-mailnews
• USN-134-1: mozilla-firefox
• USN-149-1: mozilla-firefox