=========================================================== Ubuntu Security Notice USN-817-1 August 20, 2009 thunderbird vulnerabilities http://launchpad.net/bugs/416646 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: thunderbird 2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1 Ubuntu 8.10: thunderbird 2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1 Ubuntu 9.04: thunderbird 2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1 After a standard system upgrade you need to restart Thunderbird to effect the necessary changes. Details follow: Several flaws were discovered in the rendering engine of Thunderbird. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird. Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1.diff.gz Size/MD5: 129367 a46acd34aed1148759970e2bde6f3059 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1.dsc Size/MD5: 2368 c8026b30a66814e8b30ff11a2f3f9447 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly.orig.tar.gz Size/MD5: 36199402 92d3a4a3b497cfcf54c905d0eb1c6e00 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 60600 8f00ec0ab72a360fdf959c71354ee430 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 60582 96a1a5d7ceb2f44f2cea477e16e0780b amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 3783924 d971905a01230935a998810f974618db http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 85484 3dd1da60dae983f1fb27ee1952026b68 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 12428428 df0d116218353b1ba3b96290081b49ab i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 3770572 533ab5cfdd2ae34b1fee6024aefd9abf http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 80880 09ec6e71645d9f3e79388722ae4bbbb5 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 11003638 b67d686a0a4648b47f28e7ab2d35eebe lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 3768342 4ad5416dd3eea9ce5c5f4b786655f730 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 80602 05ae7dd7d3e25095f25fdadf2314c723 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 10845236 8951b8f193dfaf7c7136f7ddfbd8d0e9 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 3787576 3c2df130b03ed6fa8b70c902816f2273 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 83884 01c5d402bf170d64f6b0ca73bde99bb6 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 12276638 b0122bbece2c205f5c779ece4035f386 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_sparc.deb Size/MD5: 3768882 5ff11338a4c896da0f85818ec8a2b532 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_sparc.deb Size/MD5: 80338 90a0da78e2cd9f36a22cf23755e2c089 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.04.1_sparc.deb Size/MD5: 11270488 16cefab6bc5db1cc01133abc56bb63cb Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1.diff.gz Size/MD5: 130165 ef864ec3b7fd72df9d9067f8d5f7b18b http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1.dsc Size/MD5: 2350 6c90cd4c5e93fba4d98fc5258679bf22 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly.orig.tar.gz Size/MD5: 36199402 92d3a4a3b497cfcf54c905d0eb1c6e00 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 60910 8ed0a0a87761a1c28c6b3d24e133d702 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 60896 2d68379338f85079755e3b72becbdeee amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_amd64.deb Size/MD5: 3737338 da38110af9cd09fca38a63253020fb9b http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_amd64.deb Size/MD5: 85670 eb5c0afecca06cd6b2759f7c18e8e31f http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_amd64.deb Size/MD5: 12452620 391798cc82bde47f03cfa36dc1908d9e i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_i386.deb Size/MD5: 3721844 52aaa629acf99b4679a8eca836fc1298 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_i386.deb Size/MD5: 81244 9cfd61fea4c081ce739b3e80bd0fa702 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_i386.deb Size/MD5: 11063456 5d3f39340c4395659dd7071706102ac1 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_lpia.deb Size/MD5: 3718464 a8cf6cdea0603a2f01b91c802e602088 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_lpia.deb Size/MD5: 80974 7718f9d0e6d2a2d4d9df31108f10cbcb http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_lpia.deb Size/MD5: 10884672 a74bd8bbc62084e0bb116dc6df8bc9f0 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_powerpc.deb Size/MD5: 3736294 b55cb4be3f64cd5dbf3317c2030fc1a3 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_powerpc.deb Size/MD5: 84126 babaecca5b3aba0671930d5655b8060e http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_powerpc.deb Size/MD5: 12237586 ddfa37fe0470074a963165d19e6e7335 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_sparc.deb Size/MD5: 3724482 7b27b816000018c01fc0287de7cefd89 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_sparc.deb Size/MD5: 80982 f83d62432c72a9daecf0632b1ed53480 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.8.10.1_sparc.deb Size/MD5: 11208814 057a3f0ba4a57a3bd75ab0913f17a215 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1.diff.gz Size/MD5: 131702 801e9b22953c9b0c52f56dee4a51be85 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1.dsc Size/MD5: 2350 8d6a24a4184da9a7990882302a0a6307 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly.orig.tar.gz Size/MD5: 36199402 92d3a4a3b497cfcf54c905d0eb1c6e00 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_all.deb Size/MD5: 61296 9cba5c0cdccca15fb5a89bc43adc5e55 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_all.deb Size/MD5: 61280 ee348a83198fe12025a05063626d235e amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_amd64.deb Size/MD5: 3737548 144745fba25b551c4c1c26e535d060b6 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_amd64.deb Size/MD5: 85992 d2dcb9c02fbd6cea4121830a3604b8c3 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_amd64.deb Size/MD5: 12454082 f4acb886e914b1dec4fe45753b4949cf i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_i386.deb Size/MD5: 3722432 f263746a1737bf0f9a72723f1dfc9895 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_i386.deb Size/MD5: 81666 8acbd084db8f639669bc3a457805a4a5 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_i386.deb Size/MD5: 11063516 93c795c907a5c9926e6f8d636586c48b lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_lpia.deb Size/MD5: 3719022 a67933995250fb75999e73ee543e21b8 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_lpia.deb Size/MD5: 81384 a5d057a0c064fa93ddcd822e3c80456e http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_lpia.deb Size/MD5: 10884566 967a3e2d408e628df614a07e1f1df672 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 3736740 851f46b76c0709100373a3f604fa130f http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 84510 1612fc072ba54a5adc97bdf176f09b27 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 12238390 7d23c6ab91f3043a0520b49523074ff1 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 3724874 15e59e71ec2a1341df809b85329de3d9 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 81274 def10b81b5d9147c1cc2fdd9a8b37145 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.23+build1+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 11206998 98346f8838f328191eed05df38d838a7
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/