-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:294 http://www.mandriva.com/security/ _______________________________________________________________________ Package : firefox Date : November 5, 2009 Affected: 2010.0 _______________________________________________________________________ Problem Description: Security issues were identified and fixed in firefox 3.5.x: Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer (CVE-2009-1563). Security researcher Jeremy Brown reported that the file naming scheme used for downloading a file which already exists in the downloads folder is predictable. If an attacker had local access to a victim's computer and knew the name of a file the victim intended to open through the Download Manager, he could use this vulnerability to place a malicious file in the world-writable directory used to save temporary downloaded files and cause the browser to choose the incorrect file when opening it. Since this attack requires local access to the victim's machine, the severity of this vulnerability was determined to be low (CVE-2009-3274). Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to theft. A malicious web page could synthesize events such as mouse focus and key presses on behalf of the victim and trick the browser into auto-filling the form fields with history entries and then reading the entries (CVE-2009-3370). Security researcher Orlando Berrera of Sec Theory reported that recursive creation of JavaScript web-workers can be used to create a set of objects whose memory could be freed prior to their use. These conditions often result in a crash which could potentially be used by an attacker to run arbitrary code on a victim's computer (CVE-2009-3371). Security researcher Marco C. reported a flaw in the parsing of regular expressions used in Proxy Auto-configuration (PAC) files. In certain cases this flaw could be used by an attacker to crash a victim's browser and run arbitrary code on their computer. Since this vulnerability requires the victim to have PAC configured in their environment with specific regular expresssions which can trigger the crash, the severity of the issue was determined to be moderate (CVE-2009-3372). Security research firm iDefense reported that researcher regenrecht discovered a heap-based buffer overflow in Mozilla's GIF image parser. This vulnerability could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer (CVE-2009-3373). Mozilla security researcher moz_bug_r_a4 reported that the XPCOM utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects before returning them to chrome callers. This could result in chrome privileged code calling methods on an object which had previously been created or modified by web content, potentially executing malicious JavaScript code with chrome privileges (CVE-2009-3374). Security researcher Gregory Fleischer reported that text within a selection on a web page can be read by JavaScript in a different domain using the document.getSelection function, violating the same-origin policy. Since this vulnerability requires user interaction to exploit, its severity was determined to be moderate (CVE-2009-3375). Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file (CVE-2009-3376). Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues (CVE-2009-3377, CVE-2009-3379, CVE-2009-3378). Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2009-3380). Additionally, some packages which require so, have been rebuilt and are being provided as updates. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1563 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3371 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380 http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.4 _______________________________________________________________________ Updated Packages: Mandriva Linux 2010.0: 5de02057b925d2a7540fb7e1ef7bb58e 2010.0/i586/beagle-0.3.9-19.1mdv2010.0.i586.rpm 865eb64b3d9edb5058b2cd6091a76b26 2010.0/i586/beagle-crawl-system-0.3.9-19.1mdv2010.0.i586.rpm 80d4b43e92ab00663080cb3d03c01d08 2010.0/i586/beagle-doc-0.3.9-19.1mdv2010.0.i586.rpm fcd585d9f9f626053a08426aac2461ef 2010.0/i586/beagle-evolution-0.3.9-19.1mdv2010.0.i586.rpm a2449685a7248fbce0c362579a394078 2010.0/i586/beagle-gui-0.3.9-19.1mdv2010.0.i586.rpm 2ca9f8a2bfeb574803bf9f599cef94da 2010.0/i586/beagle-gui-qt-0.3.9-19.1mdv2010.0.i586.rpm 9fc8164351344251674264408e320cdc 2010.0/i586/beagle-libs-0.3.9-19.1mdv2010.0.i586.rpm c97703819ed2d81d61ce462b8387a8e3 2010.0/i586/epiphany-2.28.1-1.1mdv2010.0.i586.rpm 65352aeee9a6611e1aaa2507aee6310f 2010.0/i586/epiphany-devel-2.28.1-1.1mdv2010.0.i586.rpm 56e6935dd870279da4835c62e82e9824 2010.0/i586/epiphany-extensions-2.28.1-1.1mdv2010.0.i586.rpm 636599b8e9ff5d069579f44db228bf53 2010.0/i586/firefox-3.5.4-0.1mdv2010.0.i586.rpm 669ef8146179d7c082d305084cfd2821 2010.0/i586/firefox-af-3.5.4-0.1mdv2010.0.i586.rpm 7e02a83877cd5783e64fe9647c5127cc 2010.0/i586/firefox-ar-3.5.4-0.1mdv2010.0.i586.rpm 73ec239fbaf304b8bc82827457249939 2010.0/i586/firefox-be-3.5.4-0.1mdv2010.0.i586.rpm ead410c9f6e3f6377ce6de3bbda32bf1 2010.0/i586/firefox-bg-3.5.4-0.1mdv2010.0.i586.rpm 32a3eaaf1beba37607c64f41f18bcbc3 2010.0/i586/firefox-bn-3.5.4-0.1mdv2010.0.i586.rpm 2d5ee5d61e5cb6cd33a136a94499d222 2010.0/i586/firefox-ca-3.5.4-0.1mdv2010.0.i586.rpm e19a9e3564ccae55a454a1e69aa05568 2010.0/i586/firefox-cs-3.5.4-0.1mdv2010.0.i586.rpm ec525fa06852579aa7c487d707c82ae3 2010.0/i586/firefox-cy-3.5.4-0.1mdv2010.0.i586.rpm 9d3c264145fc6779e460c3bc1e835eaf 2010.0/i586/firefox-da-3.5.4-0.1mdv2010.0.i586.rpm 64e92b919e6b95a8767f918851e54caf 2010.0/i586/firefox-de-3.5.4-0.1mdv2010.0.i586.rpm 20cecdc52af9590a5b45280527a6a703 2010.0/i586/firefox-devel-3.5.4-0.1mdv2010.0.i586.rpm e4ebb0fc55f84da2b523cfeed277f6fe 2010.0/i586/firefox-el-3.5.4-0.1mdv2010.0.i586.rpm bbee65d2c8c290254626c5a01136092b 2010.0/i586/firefox-en_GB-3.5.4-0.1mdv2010.0.i586.rpm 0ed0007b43a472adaa9d15268ef0e22d 2010.0/i586/firefox-eo-3.5.4-0.1mdv2010.0.i586.rpm c2b311a8781b2decd7dbd1cbb8a0018f 2010.0/i586/firefox-es_AR-3.5.4-0.1mdv2010.0.i586.rpm 5247e58309d1833229d509e044705fc5 2010.0/i586/firefox-es_ES-3.5.4-0.1mdv2010.0.i586.rpm a5dec68281f893658e5ac6695c8c4e59 2010.0/i586/firefox-et-3.5.4-0.1mdv2010.0.i586.rpm eb45f50d7c57ea62e63aba9c8df8cbb3 2010.0/i586/firefox-eu-3.5.4-0.1mdv2010.0.i586.rpm 8b52f85f885db5d8bc80f62dee83bf1b 2010.0/i586/firefox-ext-beagle-0.3.9-19.1mdv2010.0.i586.rpm 790b1ccafd787ce7ac8fb5ef022769d4 2010.0/i586/firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.i586.rpm d6c45867a70152941b4e98709971a1ae 2010.0/i586/firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.i586.rpm ffaf1990715b2667ad06d7d0da92c9a6 2010.0/i586/firefox-ext-mozvoikko-1.0-6.1mdv2010.0.i586.rpm 51cfa5ee0b74ba1e1364dbb890f17059 2010.0/i586/firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.i586.rpm 14184994a466647561caebf282868951 2010.0/i586/firefox-ext-r-kiosk-0.7.2-9.1mdv2010.0.i586.rpm 05df49753c7be071e7fd30301f8e1e21 2010.0/i586/firefox-ext-scribefire-3.4.5-1.1mdv2010.0.i586.rpm 8f7fa7986d9c2b782d239dbd5781477c 2010.0/i586/firefox-fi-3.5.4-0.1mdv2010.0.i586.rpm a2bcd0e119d154ba8e3e67894b2137d2 2010.0/i586/firefox-fr-3.5.4-0.1mdv2010.0.i586.rpm 62bf45805a274ad09232a1c0d44e2a94 2010.0/i586/firefox-fy-3.5.4-0.1mdv2010.0.i586.rpm b01ad90d97640e1c99d8c6005f115d84 2010.0/i586/firefox-ga_IE-3.5.4-0.1mdv2010.0.i586.rpm 34d7af747ccabd875dfcce48ad864fe9 2010.0/i586/firefox-gl-3.5.4-0.1mdv2010.0.i586.rpm 008fc8b17095af333b493dae107cd71a 2010.0/i586/firefox-gu_IN-3.5.4-0.1mdv2010.0.i586.rpm 087f2eda2fb46c58258a18a660868226 2010.0/i586/firefox-he-3.5.4-0.1mdv2010.0.i586.rpm ab0edfc6ffc3349bdc5a1a8c6aaa8b34 2010.0/i586/firefox-hi-3.5.4-0.1mdv2010.0.i586.rpm 6fe05824fa866c0ee352d37c7bc346eb 2010.0/i586/firefox-hu-3.5.4-0.1mdv2010.0.i586.rpm bc1cd175b78a59bcdd6e55dffac9086f 2010.0/i586/firefox-id-3.5.4-0.1mdv2010.0.i586.rpm d45bffce0787f8d3afa52083ff63d4f9 2010.0/i586/firefox-is-3.5.4-0.1mdv2010.0.i586.rpm f6f9d47069c2a276c6ad234809fa6c13 2010.0/i586/firefox-it-3.5.4-0.1mdv2010.0.i586.rpm 5fc95fca7b987a5996c4c74af61d0499 2010.0/i586/firefox-ja-3.5.4-0.1mdv2010.0.i586.rpm 74911a09777dea47be4a69fd46700f15 2010.0/i586/firefox-ka-3.5.4-0.1mdv2010.0.i586.rpm 0f7c75529ad3def515e546c3aa7e27e5 2010.0/i586/firefox-kn-3.5.4-0.1mdv2010.0.i586.rpm ae29bd59f6f93ef072ba3a2b08d63a89 2010.0/i586/firefox-ko-3.5.4-0.1mdv2010.0.i586.rpm 468f7c938b7d771456e9b477653948ee 2010.0/i586/firefox-ku-3.5.4-0.1mdv2010.0.i586.rpm 489d116d042bd5802f0068de9383c5d1 2010.0/i586/firefox-lt-3.5.4-0.1mdv2010.0.i586.rpm 9be68106945017527a62c983031361e0 2010.0/i586/firefox-lv-3.5.4-0.1mdv2010.0.i586.rpm 0f3175726b5d1994a37c7b035270e5d0 2010.0/i586/firefox-mk-3.5.4-0.1mdv2010.0.i586.rpm 8b231f4d919586cf55990e026be6aecd 2010.0/i586/firefox-mn-3.5.4-0.1mdv2010.0.i586.rpm f981e93ff57a1e8472698ada26dd363f 2010.0/i586/firefox-mr-3.5.4-0.1mdv2010.0.i586.rpm 8eadff91b007302e6ec3cdc2ec1241ba 2010.0/i586/firefox-nb_NO-3.5.4-0.1mdv2010.0.i586.rpm 2841ff68c6d850220e4d8aaa062753a0 2010.0/i586/firefox-nl-3.5.4-0.1mdv2010.0.i586.rpm 753237032819c85ab3b405bcf4082b5f 2010.0/i586/firefox-nn_NO-3.5.4-0.1mdv2010.0.i586.rpm 193191bb1d7b43288584660f478d8b7b 2010.0/i586/firefox-oc-3.5.4-0.1mdv2010.0.i586.rpm 408e98a77b5ad0a47dbf44f55dbd4077 2010.0/i586/firefox-pa_IN-3.5.4-0.1mdv2010.0.i586.rpm a782d15600b0466ab88c467ea7458721 2010.0/i586/firefox-pl-3.5.4-0.1mdv2010.0.i586.rpm 52515a5f52bb6c46dca0b2003529a3e3 2010.0/i586/firefox-pt_BR-3.5.4-0.1mdv2010.0.i586.rpm 81b6ce7fb332d0c32d4dcb1a60e43bea 2010.0/i586/firefox-pt_PT-3.5.4-0.1mdv2010.0.i586.rpm be670b306d4595c6095b04c86d2b4440 2010.0/i586/firefox-ro-3.5.4-0.1mdv2010.0.i586.rpm cfab5f72fc2f8985114fbe574b7e9ed3 2010.0/i586/firefox-ru-3.5.4-0.1mdv2010.0.i586.rpm 3815771bf31f0df06d3c72a16c832273 2010.0/i586/firefox-si-3.5.4-0.1mdv2010.0.i586.rpm cdc811c47d76aa33712f24c93d40a0d7 2010.0/i586/firefox-sk-3.5.4-0.1mdv2010.0.i586.rpm 862187e580b0a1b488b3dd924439f17b 2010.0/i586/firefox-sl-3.5.4-0.1mdv2010.0.i586.rpm f2cef85a6f4d9811e09b507026343190 2010.0/i586/firefox-sq-3.5.4-0.1mdv2010.0.i586.rpm 99a3afc95764543f0ed81bfb89fc3231 2010.0/i586/firefox-sr-3.5.4-0.1mdv2010.0.i586.rpm a36788ab581f0a0e4b5ad679bb5b7106 2010.0/i586/firefox-sv_SE-3.5.4-0.1mdv2010.0.i586.rpm 049a9e750fefc62ad61db53bf05ec6bd 2010.0/i586/firefox-te-3.5.4-0.1mdv2010.0.i586.rpm 8d8ca3d39c424a56ef5b93d1e20dbde5 2010.0/i586/firefox-th-3.5.4-0.1mdv2010.0.i586.rpm 7ee41c0c33da530f31fedd42f9534939 2010.0/i586/firefox-theme-kde4ff-0.14-18.1mdv2010.0.i586.rpm de5596d85162d52e2440e7e4f52b1b1c 2010.0/i586/firefox-tr-3.5.4-0.1mdv2010.0.i586.rpm 902b0470dae73a54b7dc4406c76d91c9 2010.0/i586/firefox-uk-3.5.4-0.1mdv2010.0.i586.rpm 33138d6a153bb4bcd0638255da2006a8 2010.0/i586/firefox-zh_CN-3.5.4-0.1mdv2010.0.i586.rpm acc67139d138e98d110c4aaa4ddbe8bb 2010.0/i586/firefox-zh_TW-3.5.4-0.1mdv2010.0.i586.rpm caee546f9710d7acdd6b816f951c5efd 2010.0/i586/gnome-python-extras-2.25.3-10.1mdv2010.0.i586.rpm 53cc683aad8630f2052e4ebd965e5da2 2010.0/i586/gnome-python-gda-2.25.3-10.1mdv2010.0.i586.rpm 55239ec23c37457cf9ef7744e9e311bc 2010.0/i586/gnome-python-gda-devel-2.25.3-10.1mdv2010.0.i586.rpm 2c595010a046da1fa461c3e0cc6ad468 2010.0/i586/gnome-python-gdl-2.25.3-10.1mdv2010.0.i586.rpm 7f4f7a400e54da7ea06baf5b8c12d399 2010.0/i586/gnome-python-gtkhtml2-2.25.3-10.1mdv2010.0.i586.rpm cba87f860c7a2bd9af64738e78f31b97 2010.0/i586/gnome-python-gtkmozembed-2.25.3-10.1mdv2010.0.i586.rpm 3e12f0b123e58c0410c1bc9da1678ef6 2010.0/i586/gnome-python-gtkspell-2.25.3-10.1mdv2010.0.i586.rpm ed8ecee81e90e1b23924aca98960e67b 2010.0/i586/google-gadgets-common-0.11.1-2.1mdv2010.0.i586.rpm 226f082af8f0dbc2b222e25b372fcfe4 2010.0/i586/google-gadgets-gtk-0.11.1-2.1mdv2010.0.i586.rpm e0e463fb97df0206a2ff3357e4f409d6 2010.0/i586/google-gadgets-qt-0.11.1-2.1mdv2010.0.i586.rpm 0607442b0252c2f7ad89a88f407a1e18 2010.0/i586/libggadget1.0_0-0.11.1-2.1mdv2010.0.i586.rpm 4c19a97a9d30ac6d6ed92c1914eb86a8 2010.0/i586/libggadget-dbus1.0_0-0.11.1-2.1mdv2010.0.i586.rpm 308e97be73ba593653f207287f528702 2010.0/i586/libggadget-gtk1.0_0-0.11.1-2.1mdv2010.0.i586.rpm b1023ad523da8ba3d632367372052f5c 2010.0/i586/libggadget-js1.0_0-0.11.1-2.1mdv2010.0.i586.rpm fa694a3e378bd97ecae4fa8221e3ae45 2010.0/i586/libggadget-npapi1.0_0-0.11.1-2.1mdv2010.0.i586.rpm ec0a4dbf8e68baa45433ba293cff9fa7 2010.0/i586/libggadget-qt1.0_0-0.11.1-2.1mdv2010.0.i586.rpm 4501a4d57a5eb5359c45271562845723 2010.0/i586/libggadget-webkitjs0-0.11.1-2.1mdv2010.0.i586.rpm 5ecfe2a3534b50d08260dde62450cf18 2010.0/i586/libggadget-xdg1.0_0-0.11.1-2.1mdv2010.0.i586.rpm b0f8a03057d0409111366685dbb56a9c 2010.0/i586/libgoogle-gadgets-devel-0.11.1-2.1mdv2010.0.i586.rpm 1ab5bc0b7b00823a5cdf815fac145245 2010.0/i586/libopensc2-0.11.9-1.1mdv2010.0.i586.rpm 49dceab2ebd208914644be69f2915168 2010.0/i586/libopensc-devel-0.11.9-1.1mdv2010.0.i586.rpm 43032aac7d930c8be3ad8547838b5da1 2010.0/i586/libxulrunner1.9.1.4-1.9.1.4-0.1mdv2010.0.i586.rpm e3fda1726c577c44abd17ed3e43aa37f 2010.0/i586/libxulrunner-devel-1.9.1.4-0.1mdv2010.0.i586.rpm 5cb4ce59c5696e07d46a268b496ce1cc 2010.0/i586/mozilla-plugin-opensc-0.11.9-1.1mdv2010.0.i586.rpm 404c94bb7ac9764b89986309b9e8b8b8 2010.0/i586/mozilla-thunderbird-beagle-0.3.9-19.1mdv2010.0.i586.rpm 4695f41439abb22fff405ceea609718d 2010.0/i586/opensc-0.11.9-1.1mdv2010.0.i586.rpm 769aea3fa1ecfe8fadc145f96595337f 2010.0/i586/python-xpcom-1.9.1.4-0.1mdv2010.0.i586.rpm d281a0a5bb6ee6989c3e6e5db9f5673c 2010.0/i586/xulrunner-1.9.1.4-0.1mdv2010.0.i586.rpm a4314cad9a7dbe6e98e3188c1af82c75 2010.0/i586/yelp-2.28.0-1.1mdv2010.0.i586.rpm 11002834e306ad2599e115787b57ece9 2010.0/SRPMS/beagle-0.3.9-19.1mdv2010.0.src.rpm f35067064a0c78edff8b036ca67774f3 2010.0/SRPMS/epiphany-2.28.1-1.1mdv2010.0.src.rpm bc04de1e6d7b2fd083a1206c4482fb7b 2010.0/SRPMS/epiphany-extensions-2.28.1-1.1mdv2010.0.src.rpm f0b0c517ec14c9d5e47647f9bf08fc78 2010.0/SRPMS/firefox-3.5.4-0.1mdv2010.0.src.rpm 166554e926dcaab7ff2631817ee2b097 2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.src.rpm 6432321af955bb76f1314dcf7598d4bd 2010.0/SRPMS/firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.src.rpm 0bfe93a46ccd200f974236740da44032 2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.1mdv2010.0.src.rpm 912dabafc0eedd8374b77bf19863f8b4 2010.0/SRPMS/firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.src.rpm ef882f13ad9f95334e87b4e4d1d062c2 2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.1mdv2010.0.src.rpm 8ecfa71225dd0500c8c4fdaaafe4fe22 2010.0/SRPMS/firefox-ext-scribefire-3.4.5-1.1mdv2010.0.src.rpm 0df78b1b0f21b07d00706d72296490b3 2010.0/SRPMS/firefox-l10n-3.5.4-0.1mdv2010.0.src.rpm 7a94ab5e7c21d73c1f8e074825fe93cd 2010.0/SRPMS/firefox-theme-kde4ff-0.14-18.1mdv2010.0.src.rpm a2906a74b07316a233c08eeaa09a827f 2010.0/SRPMS/gnome-python-extras-2.25.3-10.1mdv2010.0.src.rpm 5ca44eee599e669d3936c2d8074dbdf1 2010.0/SRPMS/google-gadgets-0.11.1-2.1mdv2010.0.src.rpm 3443a0354ae3c165243413cf2bd1a7dc 2010.0/SRPMS/opensc-0.11.9-1.1mdv2010.0.src.rpm e52f1e0b12809b71673467beef0e156f 2010.0/SRPMS/xulrunner-1.9.1.4-0.1mdv2010.0.src.rpm df7c1f2b4d6ee86a54319b934c717d39 2010.0/SRPMS/yelp-2.28.0-1.1mdv2010.0.src.rpm Mandriva Linux 2010.0/X86_64: c4dd2bea9eef7bf7147588a55983cc3c 2010.0/x86_64/beagle-0.3.9-19.1mdv2010.0.x86_64.rpm 611d637f1939cee8b3f25ff045410bed 2010.0/x86_64/beagle-crawl-system-0.3.9-19.1mdv2010.0.x86_64.rpm a3937170bf9b478cf52c5007d3456669 2010.0/x86_64/beagle-doc-0.3.9-19.1mdv2010.0.x86_64.rpm 97440e5e123b4034e1c4bd66c903951c 2010.0/x86_64/beagle-evolution-0.3.9-19.1mdv2010.0.x86_64.rpm c3cb89e9c55dd3d09ecea0a1c8dead17 2010.0/x86_64/beagle-gui-0.3.9-19.1mdv2010.0.x86_64.rpm 77ce56c06f51ffbbb180bd150e6526a8 2010.0/x86_64/beagle-gui-qt-0.3.9-19.1mdv2010.0.x86_64.rpm a8a8c984d22cf423677eaa06bf721a3c 2010.0/x86_64/beagle-libs-0.3.9-19.1mdv2010.0.x86_64.rpm de42c43851ee3fad1e9dd523676b4413 2010.0/x86_64/epiphany-2.28.1-1.1mdv2010.0.x86_64.rpm c992d4f71691f9b827d8411b089268b1 2010.0/x86_64/epiphany-devel-2.28.1-1.1mdv2010.0.x86_64.rpm 239b64d2fa822a62d37b41e075ed29b5 2010.0/x86_64/epiphany-extensions-2.28.1-1.1mdv2010.0.x86_64.rpm 8b532a94bb920ae17b87b30cd990025e 2010.0/x86_64/firefox-3.5.4-0.1mdv2010.0.x86_64.rpm 058b94a3752d94a93ff7edfe5c6287e1 2010.0/x86_64/firefox-af-3.5.4-0.1mdv2010.0.x86_64.rpm 19d57df8172a8d58349aa4e833bb4807 2010.0/x86_64/firefox-ar-3.5.4-0.1mdv2010.0.x86_64.rpm 478d8d6ea0aba868ca1b4d388623d2ca 2010.0/x86_64/firefox-be-3.5.4-0.1mdv2010.0.x86_64.rpm d948d2f95b9952e9ce6226f32c2d45ca 2010.0/x86_64/firefox-bg-3.5.4-0.1mdv2010.0.x86_64.rpm 508acd7ca804e502d2f21c81cff71987 2010.0/x86_64/firefox-bn-3.5.4-0.1mdv2010.0.x86_64.rpm 200100baa6a85324cb59a0b5c4034cf0 2010.0/x86_64/firefox-ca-3.5.4-0.1mdv2010.0.x86_64.rpm f351af7e6a2987804878564e2bdb517f 2010.0/x86_64/firefox-cs-3.5.4-0.1mdv2010.0.x86_64.rpm b886d5ad21bd4f259abce9c72ca74530 2010.0/x86_64/firefox-cy-3.5.4-0.1mdv2010.0.x86_64.rpm 937529a9d48a8421eb37fcd2dacfbf63 2010.0/x86_64/firefox-da-3.5.4-0.1mdv2010.0.x86_64.rpm 5041b8cd1267706e1c74019df7245ffa 2010.0/x86_64/firefox-de-3.5.4-0.1mdv2010.0.x86_64.rpm ddad78036a99f8aa644147c52d4ab30d 2010.0/x86_64/firefox-devel-3.5.4-0.1mdv2010.0.x86_64.rpm d077816f443afb553cded01108542a81 2010.0/x86_64/firefox-el-3.5.4-0.1mdv2010.0.x86_64.rpm e295f0e12e20e80dd6d4cd7845988961 2010.0/x86_64/firefox-en_GB-3.5.4-0.1mdv2010.0.x86_64.rpm 851fb3fe10a91c799575c19b30432df7 2010.0/x86_64/firefox-eo-3.5.4-0.1mdv2010.0.x86_64.rpm 06aa7ac8447680a7f67fd49731cb2912 2010.0/x86_64/firefox-es_AR-3.5.4-0.1mdv2010.0.x86_64.rpm 1c7a9e0342f736f22a305a29b2b17ca8 2010.0/x86_64/firefox-es_ES-3.5.4-0.1mdv2010.0.x86_64.rpm b8aa7b12e4d28bf80dd88471e3882beb 2010.0/x86_64/firefox-et-3.5.4-0.1mdv2010.0.x86_64.rpm 29dec4973342d83c122ff48e22dbec14 2010.0/x86_64/firefox-eu-3.5.4-0.1mdv2010.0.x86_64.rpm 4c76579a01ff2ffa1162b0650b36912f 2010.0/x86_64/firefox-ext-beagle-0.3.9-19.1mdv2010.0.x86_64.rpm 29334af2ff1b753040090a0b93a0bf91 2010.0/x86_64/firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.x86_64.rpm e4edb4283f8c13288fdd85b36b6dcfc5 2010.0/x86_64/firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.x86_64.rpm b2b7ba697f7bb1806c41485c39c04262 2010.0/x86_64/firefox-ext-mozvoikko-1.0-6.1mdv2010.0.x86_64.rpm 7f8dbdf8ab09c3ac1a219043d7b2c241 2010.0/x86_64/firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.x86_64.rpm 2a8cc514420eaf1375f306417ea264fa 2010.0/x86_64/firefox-ext-r-kiosk-0.7.2-9.1mdv2010.0.x86_64.rpm dca7f6aede51ca5fe6913144d3ded0aa 2010.0/x86_64/firefox-ext-scribefire-3.4.5-1.1mdv2010.0.x86_64.rpm eb7527d596188d4b71e1f715c8909ae7 2010.0/x86_64/firefox-fi-3.5.4-0.1mdv2010.0.x86_64.rpm 89bbfa9bb890007506f2adc9746a1995 2010.0/x86_64/firefox-fr-3.5.4-0.1mdv2010.0.x86_64.rpm b407524ae9d37866b31876ba7f33be96 2010.0/x86_64/firefox-fy-3.5.4-0.1mdv2010.0.x86_64.rpm d23825fd661749644c1ed2cc8f4cfd10 2010.0/x86_64/firefox-ga_IE-3.5.4-0.1mdv2010.0.x86_64.rpm cf8e596f053643a363b3e126dc8c11b3 2010.0/x86_64/firefox-gl-3.5.4-0.1mdv2010.0.x86_64.rpm 04ee9bcb1f384c64638dfd7a91d4d5a7 2010.0/x86_64/firefox-gu_IN-3.5.4-0.1mdv2010.0.x86_64.rpm 733afb9c93c3fc927dcdffe77f006537 2010.0/x86_64/firefox-he-3.5.4-0.1mdv2010.0.x86_64.rpm a9b8e240c8336ca0369d37d6f32ea468 2010.0/x86_64/firefox-hi-3.5.4-0.1mdv2010.0.x86_64.rpm 3b5141d5592e0050822e1d09fb270c4d 2010.0/x86_64/firefox-hu-3.5.4-0.1mdv2010.0.x86_64.rpm 71b9eaaca5847681a847a3bac4ef524f 2010.0/x86_64/firefox-id-3.5.4-0.1mdv2010.0.x86_64.rpm fe571af67b87fe2c1727967f556782bf 2010.0/x86_64/firefox-is-3.5.4-0.1mdv2010.0.x86_64.rpm 0facab9a567c9dc25ae992d7dabd8ff4 2010.0/x86_64/firefox-it-3.5.4-0.1mdv2010.0.x86_64.rpm 90ca903597fcf4dcabace089815be542 2010.0/x86_64/firefox-ja-3.5.4-0.1mdv2010.0.x86_64.rpm 0503d174b8f8b5f3ccbd95ceea62ec49 2010.0/x86_64/firefox-ka-3.5.4-0.1mdv2010.0.x86_64.rpm 1b296a68cd92389aad1dc8ae48e3eccd 2010.0/x86_64/firefox-kn-3.5.4-0.1mdv2010.0.x86_64.rpm 60acc7bfc71ac9bed9c1e50f05a34e75 2010.0/x86_64/firefox-ko-3.5.4-0.1mdv2010.0.x86_64.rpm 374cbbdb5f7ae83c1823fe4a83aade16 2010.0/x86_64/firefox-ku-3.5.4-0.1mdv2010.0.x86_64.rpm b20fd95c5c31ba12fbf1ed348aeb8e8e 2010.0/x86_64/firefox-lt-3.5.4-0.1mdv2010.0.x86_64.rpm 34b732a363c4dc7ecd991d0951ad3aa6 2010.0/x86_64/firefox-lv-3.5.4-0.1mdv2010.0.x86_64.rpm 16f9ef1afe6c2399d331b238cf8eb03f 2010.0/x86_64/firefox-mk-3.5.4-0.1mdv2010.0.x86_64.rpm c7f743f422e2409d222fa117ac291929 2010.0/x86_64/firefox-mn-3.5.4-0.1mdv2010.0.x86_64.rpm aa783ae7775d062c7358de7171da7994 2010.0/x86_64/firefox-mr-3.5.4-0.1mdv2010.0.x86_64.rpm 71a0654691200f8d49d48a34687c7893 2010.0/x86_64/firefox-nb_NO-3.5.4-0.1mdv2010.0.x86_64.rpm 8923eb8cff924e61e1d58a7f86ea82f4 2010.0/x86_64/firefox-nl-3.5.4-0.1mdv2010.0.x86_64.rpm ddabbf7813a196c86a9f12790f154530 2010.0/x86_64/firefox-nn_NO-3.5.4-0.1mdv2010.0.x86_64.rpm d51e459880c2cb8caebeed2f4b5f30a0 2010.0/x86_64/firefox-oc-3.5.4-0.1mdv2010.0.x86_64.rpm 222288c908e4109cf20ebd1ba5051e2f 2010.0/x86_64/firefox-pa_IN-3.5.4-0.1mdv2010.0.x86_64.rpm 343a3e700320b1e8b013875e1c963764 2010.0/x86_64/firefox-pl-3.5.4-0.1mdv2010.0.x86_64.rpm f4acf1e3094834b9e8b8730e5781e3d2 2010.0/x86_64/firefox-pt_BR-3.5.4-0.1mdv2010.0.x86_64.rpm 7274cc1214199d7504210c8283df1343 2010.0/x86_64/firefox-pt_PT-3.5.4-0.1mdv2010.0.x86_64.rpm aa662296263be468521bf537557b21f0 2010.0/x86_64/firefox-ro-3.5.4-0.1mdv2010.0.x86_64.rpm 716aca0c4ae31eb610117109497a444d 2010.0/x86_64/firefox-ru-3.5.4-0.1mdv2010.0.x86_64.rpm 3ace8ea20d892d1dbed78dde6b6b94e9 2010.0/x86_64/firefox-si-3.5.4-0.1mdv2010.0.x86_64.rpm ade098bb6c3f1dd2f5b09b0af46d3551 2010.0/x86_64/firefox-sk-3.5.4-0.1mdv2010.0.x86_64.rpm 23e1fbbc0f7ea19abe452732769d2ff5 2010.0/x86_64/firefox-sl-3.5.4-0.1mdv2010.0.x86_64.rpm 026f1d875f1a6339c62851548cf1cfec 2010.0/x86_64/firefox-sq-3.5.4-0.1mdv2010.0.x86_64.rpm fdd0e6a5269d98828c5cf59115aa4e11 2010.0/x86_64/firefox-sr-3.5.4-0.1mdv2010.0.x86_64.rpm 2da145818827001b2ea9fd31b68c3468 2010.0/x86_64/firefox-sv_SE-3.5.4-0.1mdv2010.0.x86_64.rpm a181ab420d1c61abb1ab7955588c15d3 2010.0/x86_64/firefox-te-3.5.4-0.1mdv2010.0.x86_64.rpm 3710e05ba538afdbc3630173e384ea94 2010.0/x86_64/firefox-th-3.5.4-0.1mdv2010.0.x86_64.rpm 6664e778689cfcd1eceee54649ee1f31 2010.0/x86_64/firefox-theme-kde4ff-0.14-18.1mdv2010.0.x86_64.rpm 11c6c1317bebd5ac10a1853314d8ba27 2010.0/x86_64/firefox-tr-3.5.4-0.1mdv2010.0.x86_64.rpm 8735da4c6601294c20d447f89f4b6ec0 2010.0/x86_64/firefox-uk-3.5.4-0.1mdv2010.0.x86_64.rpm 7f9f35ffddcf6e4bf7fb47217f165868 2010.0/x86_64/firefox-zh_CN-3.5.4-0.1mdv2010.0.x86_64.rpm 6713f99874dab2be6f10fec329f3a410 2010.0/x86_64/firefox-zh_TW-3.5.4-0.1mdv2010.0.x86_64.rpm 166fb912d4a695c78395710733dbfbca 2010.0/x86_64/gnome-python-extras-2.25.3-10.1mdv2010.0.x86_64.rpm e0fd9a9e8e769d42c9cde670ae2005c0 2010.0/x86_64/gnome-python-gda-2.25.3-10.1mdv2010.0.x86_64.rpm b4a0ee777d65a3d741df0e50b82a5cdc 2010.0/x86_64/gnome-python-gda-devel-2.25.3-10.1mdv2010.0.x86_64.rpm 71879d0fea2955a10ee71996b82a5efa 2010.0/x86_64/gnome-python-gdl-2.25.3-10.1mdv2010.0.x86_64.rpm 5390f476ecbc6b8054a599e2c5a5e790 2010.0/x86_64/gnome-python-gtkhtml2-2.25.3-10.1mdv2010.0.x86_64.rpm 02acb94939d4bdba1672ac27b090249b 2010.0/x86_64/gnome-python-gtkmozembed-2.25.3-10.1mdv2010.0.x86_64.rpm fb9bee1736af40eb3d3d36cc8f547df9 2010.0/x86_64/gnome-python-gtkspell-2.25.3-10.1mdv2010.0.x86_64.rpm 01b1b3087fedc71a407e026db5227fed 2010.0/x86_64/google-gadgets-common-0.11.1-2.1mdv2010.0.x86_64.rpm 9e322a7219dff02f0fed2f73275cfda2 2010.0/x86_64/google-gadgets-gtk-0.11.1-2.1mdv2010.0.x86_64.rpm 0ca671c0bb45f7efeedf0961ef5b9f72 2010.0/x86_64/google-gadgets-qt-0.11.1-2.1mdv2010.0.x86_64.rpm db35b9e0859a21485aa2df192e6310e6 2010.0/x86_64/lib64ggadget1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm d21d90fa2cfa5b3e67bb5c49228576b9 2010.0/x86_64/lib64ggadget-dbus1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm 7763769602d65367ce3de258bf0ec443 2010.0/x86_64/lib64ggadget-gtk1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm 0a897420820ab2e760a36ed593a91039 2010.0/x86_64/lib64ggadget-js1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm 82fb87d482a21a8ab47706a1e24e9cde 2010.0/x86_64/lib64ggadget-npapi1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm 5bfc44160006ec5837416d54fdf2c9cf 2010.0/x86_64/lib64ggadget-qt1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm e83c7f97c3048aeca5169110cc388271 2010.0/x86_64/lib64ggadget-webkitjs0-0.11.1-2.1mdv2010.0.x86_64.rpm a3427fbe231df6ef7622acbfe4b46059 2010.0/x86_64/lib64ggadget-xdg1.0_0-0.11.1-2.1mdv2010.0.x86_64.rpm d15f31cccac4e82d1626dc03d0b3ab1c 2010.0/x86_64/lib64google-gadgets-devel-0.11.1-2.1mdv2010.0.x86_64.rpm 06e07653747492e8d1ef87e7a067b862 2010.0/x86_64/lib64opensc2-0.11.9-1.1mdv2010.0.x86_64.rpm f4c206bf5d1e2eade49831a79fe48264 2010.0/x86_64/lib64opensc-devel-0.11.9-1.1mdv2010.0.x86_64.rpm 2a2fa2b4bf67b7005d1cf2422bc9309d 2010.0/x86_64/lib64xulrunner1.9.1.4-1.9.1.4-0.1mdv2010.0.x86_64.rpm dfa65c7153daab784fbde2c127d1e8df 2010.0/x86_64/lib64xulrunner-devel-1.9.1.4-0.1mdv2010.0.x86_64.rpm 4c77c1bb1496ad76a5d24f0eb137c648 2010.0/x86_64/mozilla-plugin-opensc-0.11.9-1.1mdv2010.0.x86_64.rpm 375f4f52a6140af70c43117bcb0406d5 2010.0/x86_64/mozilla-thunderbird-beagle-0.3.9-19.1mdv2010.0.x86_64.rpm fcd76aa20c9963cd269b0de026e937b2 2010.0/x86_64/opensc-0.11.9-1.1mdv2010.0.x86_64.rpm bb088a24b343e47ce8c6756e0a57c37c 2010.0/x86_64/python-xpcom-1.9.1.4-0.1mdv2010.0.x86_64.rpm 9ba9eca2c96f0c1e6423dd6af5119f15 2010.0/x86_64/xulrunner-1.9.1.4-0.1mdv2010.0.x86_64.rpm a55b9b5568e7618430c07a878e146c50 2010.0/x86_64/yelp-2.28.0-1.1mdv2010.0.x86_64.rpm 11002834e306ad2599e115787b57ece9 2010.0/SRPMS/beagle-0.3.9-19.1mdv2010.0.src.rpm f35067064a0c78edff8b036ca67774f3 2010.0/SRPMS/epiphany-2.28.1-1.1mdv2010.0.src.rpm bc04de1e6d7b2fd083a1206c4482fb7b 2010.0/SRPMS/epiphany-extensions-2.28.1-1.1mdv2010.0.src.rpm f0b0c517ec14c9d5e47647f9bf08fc78 2010.0/SRPMS/firefox-3.5.4-0.1mdv2010.0.src.rpm 166554e926dcaab7ff2631817ee2b097 2010.0/SRPMS/firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.src.rpm 6432321af955bb76f1314dcf7598d4bd 2010.0/SRPMS/firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.src.rpm 0bfe93a46ccd200f974236740da44032 2010.0/SRPMS/firefox-ext-mozvoikko-1.0-6.1mdv2010.0.src.rpm 912dabafc0eedd8374b77bf19863f8b4 2010.0/SRPMS/firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.src.rpm ef882f13ad9f95334e87b4e4d1d062c2 2010.0/SRPMS/firefox-ext-r-kiosk-0.7.2-9.1mdv2010.0.src.rpm 8ecfa71225dd0500c8c4fdaaafe4fe22 2010.0/SRPMS/firefox-ext-scribefire-3.4.5-1.1mdv2010.0.src.rpm 0df78b1b0f21b07d00706d72296490b3 2010.0/SRPMS/firefox-l10n-3.5.4-0.1mdv2010.0.src.rpm 7a94ab5e7c21d73c1f8e074825fe93cd 2010.0/SRPMS/firefox-theme-kde4ff-0.14-18.1mdv2010.0.src.rpm a2906a74b07316a233c08eeaa09a827f 2010.0/SRPMS/gnome-python-extras-2.25.3-10.1mdv2010.0.src.rpm 5ca44eee599e669d3936c2d8074dbdf1 2010.0/SRPMS/google-gadgets-0.11.1-2.1mdv2010.0.src.rpm 3443a0354ae3c165243413cf2bd1a7dc 2010.0/SRPMS/opensc-0.11.9-1.1mdv2010.0.src.rpm e52f1e0b12809b71673467beef0e156f 2010.0/SRPMS/xulrunner-1.9.1.4-0.1mdv2010.0.src.rpm df7c1f2b4d6ee86a54319b934c717d39 2010.0/SRPMS/yelp-2.28.0-1.1mdv2010.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFK80jzmqjQ0CJFipgRAg3VAJ9fVUjPzaXLeDEqg8r7RSMPft/1BQCg5qgB tbfeB4dua9AdXiQ1yMlumRA= =OT9l -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/