==========================================================================
Ubuntu Security Notice USN-1121-1
April 30, 2011
firefox vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04
Summary:
Multiple firefox vulnerabilities
Software Description:
- firefox: Safe and easy web browser from Mozilla
Details:
Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek
discovered multiple memory vulnerabilities. An attacker could exploit these
to possibly run arbitrary code as the user running Firefox. (CVE-2011-0079)
It was discovered that there was a vulnerability in the memory handling of
certain types of content. An attacker could exploit this to possibly run
arbitrary code as the user running Firefox. (CVE-2011-0081)
It was discovered that Firefox incorrectly handled certain JavaScript
requests. An attacker could exploit this to possibly run arbitrary code as
the user running Firefox. (CVE-2011-0069)
Ian Beer discovered a vulnerability in the memory handling of a certain
types of documents. An attacker could exploit this to possibly run
arbitrary code as the user running Firefox. (CVE-2011-0070)
Chris Evans discovered a vulnerability in Firefox's XSLT generate-id()
function. An attacker could possibly use this vulnerability to make other
attacks more reliable. (CVE-2011-1202)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.04:
firefox 4.0.1+build1+nobinonly-0ubuntu0.11.04.1
After a standard system update you need to restart Firefox to make all the
necessary changes.
References:
CVE-2011-0079 CVE-2011-0081 CVE-2011-0069 CVE-2011-0070 CVE-2011-1202
Package Information:
https://launchpad.net/ubuntu/+source/firefox/4.0.1+build1+nobinonly-0ubuntu0.11.04.1
--------------enig54AF1F70E7DF6B08C6BE84B9
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk27WZsACgkQTniv4aqX/VnFfQCdGNT+Yci+mPjyOtVIEOpdhL2M
oA0AnRftv2rknaaUl9ysRCY55eCoXmfO
=X/Ww
-----END PGP SIGNATURE-----
--------------enig54AF1F70E7DF6B08C6BE84B9--
From - Mon May 2 10:18:21 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e00015765
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46780-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 5CB81EC203
for <lists@securityspace.com>; Mon, 2 May 2011 10:16:33 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 409F91437AE; Mon, 2 May 2011 07:46:59 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 12828 invoked from network); 1 May 2011 19:27:35 -0000
Message-ID: <4DBDB426.6030307@isecauditors.com>
Date: Sun, 01 May 2011 21:27:34 +0200
From: ISecAuditors Security Advisories <advisories@isecauditors.com>
Organization: Internet Security Auditors
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; es-ES; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: bugs@securitytracker.com, news@securiteam.com,
full-disclosure@lists.grok.org.uk, vuln@secunia.com,
packet@packetstormsecurity.org, bugtraq@securityfocus.com
Subject: [ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Status:
============================================INTERNET SECURITY AUDITORS ALERT 2010-007
- Original release date: August 11th, 2010
- Last revised: May 1st, 2011
- Discovered by: Vicente Aguilera Diaz
- Severity: 5.0/10 (CVSS Base Scored)
============================================
I. VULNERABILITY
-------------------------
XSS in Oracle Portal Database Access Descriptor
II. BACKGROUND
-------------------------
Oracle AS Portal is a Web-based application for building and deploying
portals. It provides a secure, manageable environment for accessing
and interacting with enterprise software services and information
resources.
III. DESCRIPTION
-------------------------
Has been detected a reflected XSS vulnerability in Oracle Application
Server, that allows the execution of arbitrary HTML/script code to be
executed in the context of the victim user's browser.
The code injection is done through the DAD name. A DAD (Database
Access Descriptor) is a set of values that specifies how a database
server should fulfill a HTTP request.
IV. PROOF OF CONCEPT
-------------------------
Original request:
http://<oracle-application-server>/portal/pls/<DAD>
Malicious request:
http://<oracle-application-server>/portal/pls/<XSS injection>
Example 1:
http://<oracle-application-server>/portal/pls/"<H1>XSS vulnerability<XSS
In this scenario, the attacker has the difficulty of being unable to
close the HTML tag because he's can not add the character "/" as part
of the code injection (DAD name). However, it is possible to generate
that character without appearing in the injection. Below is an example.
Example 2:
http://<oracle-application-server>/portal/pls/"<img src=""
onmouseover="document.body.innerHTML=String.fromCharCode(60,72,84,77,76,62,60,72,49,62,88,83,83,60,47,72,49,62,32,60,72,50,62,86,85,76,78,60,47,72,50,62);"><XSS
V. BUSINESS IMPACT
-------------------------
An attacker can execute arbitrary HTML or script code in a targeted
user's browser, this can leverage to steal sensitive information as
user credentials, personal data, etc.
VI. SYSTEMS AFFECTED
-------------------------
Tested in Oracle Application Server Portal (Oracle AS Portal) 10g,
version 10.1.2. Other versions may be affected too.
VII. SOLUTION
-------------------------
Install last CPU (Critical Patch Update).
VIII. REFERENCES
-------------------------
http://www.oracle.com
http://www.isecauditors.com
IX. CREDITS
-------------------------
This vulnerability has been discovered
by Vicente Aguilera Diaz (vaguilera (at) isecauditors (dot) com).
X. REVISION HISTORY
-------------------------
August 11, 2010: Initial release
May 01, 2011: Final revision
XI. DISCLOSURE TIMELINE
-------------------------
August 11, 2010: Discovered by Internet Security Auditors
August 11, 2010: Oracle contacted including PoC.
August 12, 2010: Oracle inform that will investigate
the vulnerability.
April 19, 2011: Oracle fixed the vulnerability in the
CPU (Critical Patch Update).
May 01, 2011: Sent to lists.
XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is"
with no warranties or guarantees of fitness of use or otherwise.
Internet Security Auditors accepts no responsibility for any damage
caused by the use or misuse of this information.
XIII. ABOUT
-------------------------
Internet Security Auditors is a Spain based leader in web application
testing, network security, penetration testing, security compliance
implementation and assessing. Our clients include some of the largest
companies in areas such as finance, telecommunications, insurance,
ITC, etc. We are vendor independent provider with a deep expertise
since 2001. Our efforts in R&D include vulnerability research, open
security project collaboration and whitepapers, presentations and
security events participation and promotion. For further information
regarding our security services, contact us.
From - Mon May 2 10:28:22 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e00015766
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46777-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 8791DEC203
for <lists@securityspace.com>; Mon, 2 May 2011 10:23:39 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id EE5C6143D5D; Mon, 2 May 2011 07:38:13 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 9965 invoked from network); 1 May 2011 17:18:11 -0000
Resent-Cc: recipient list not shown: ;
Old-Return-Path: <jmm@inutil.org>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on liszt.debian.org
X-Spam-Level:
X-Spam-Status: No, score=-13.6 required=4.0 tests=FOURLA,FVGT_m_MULTI_ODD,
LDO_WHITELIST,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,PGPSIGNATURE,
RCVD_IN_DNSWL_MED autolearn�iled version=3.2.5
X-Original-To: lists-debian-security-announce@liszt.debian.org
Delivered-To: lists-debian-security-announce@liszt.debian.org
X-Virus-Scanned: at lists.debian.org with policy bank moderated
X-Amavis-Spam-Status: No, score=-15.58 tagged_above=-10000 required=5.3
tests=[BAYES_00=-2, FOURLA=0.1, FVGT_m_MULTI_ODD=0.02,
LDO_WHITELIST=-5, MURPHY_WRONG_WORD1=0.1, MURPHY_WRONG_WORD2=0.2,
PGPSIGNATURE=-5, RCVD_IN_DNSWL_MED=-4] autolearn=ham
X-policyd-weight: using cached result; rate:hard: -6.1
Date: Sun, 1 May 2011 19:00:40 +0200
From: Moritz Muehlenhoff <jmm@debian.org>
Message-ID: <20110501170040.GA5420@pisco.westfalen.local>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-SA-Exim-Connect-IP: 82.83.227.205
X-SA-Exim-Mail-From: jmm@inutil.org
X-SA-Exim-Scanned: No (on inutil.org); SAEximRunCond expanded to false
X-Debian: PGP check passed for security officers
Subject: [SECURITY] [DSA 2229-1] spip security update
Priority: urgent
X-Rc-Spam: 2008-11-04_01
X-Debian: PGP check passed for security officers
X-Rc-Virus: 2007-09-13_01
X-Rc-Spam: 2008-11-04_01
Resent-Message-ID: <HVcT2GUPyBI.A.z6B.RXZvNB@liszt>
Reply-To: listadmin@securityfocus.com
Mail-Followup-To: bugtraq@securityfocus.com
To: bugtraq@securityfocus.com
Resent-Date: Sun, 1 May 2011 17:18:09 +0000 (UTC)
Resent-From: list@liszt.debian.org (Mailing List Manager)
Status:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2229-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
May 01, 2011
http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : spip
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : not yet available
A vulnerability has been found in SPIP, a website engine for publishing,
which allows a malicious registered author to disconnect the website
from its database, resulting in denial of service.
The oldstable distribution (lenny) doesn't include spip.
For the stable distribution (squeeze), this problem has been fixed in
version 2.1.1-3squeeze1.
The unstable distribution (sid) will be fixed soon.
We recommend that you upgrade your spip packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk29kVUACgkQXm3vHE4uylphHQCg1GRydLOV1omJfQYKkU9uSeQu
yP0AoNUKo1UUaOZuvLhxWRiIPc2TBv4D
=qmCF
-----END PGP SIGNATURE-----
From - Mon May 2 10:38:21 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e00015767
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46778-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id CE63AEC1DB
for <lists@securityspace.com>; Mon, 2 May 2011 10:28:42 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id EBBBB143D5E; Mon, 2 May 2011 07:38:56 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 15581 invoked from network); 1 May 2011 20:45:21 -0000
Resent-Cc: recipient list not shown: ;
Old-Return-Path: <jmm@inutil.org>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on liszt.debian.org
X-Spam-Level:
X-Spam-Status: No, score=-13.8 required=4.0 tests=FVGT_m_MULTI_ODD,
LDO_WHITELIST,MURPHY_WRONG_WORD2,PGPSIGNATURE,RCVD_IN_DNSWL_MED
autolearn�iled version=3.2.5
X-Original-To: lists-debian-security-announce@liszt.debian.org
Delivered-To: lists-debian-security-announce@liszt.debian.org
X-Virus-Scanned: at lists.debian.org with policy bank moderated
X-Amavis-Spam-Status: No, score=-15.78 tagged_above=-10000 required=5.3
tests=[BAYES_00=-2, FVGT_m_MULTI_ODD=0.02, LDO_WHITELIST=-5,
MURPHY_WRONG_WORD2=0.2, PGPSIGNATURE=-5, RCVD_IN_DNSWL_MED=-4]
autolearn=ham
X-policyd-weight: using cached result; rate: -6.1
Date: Sun, 1 May 2011 22:29:31 +0200
From: Moritz Muehlenhoff <jmm@debian.org>
Message-ID: <20110501202931.GA12818@pisco.westfalen.local>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-SA-Exim-Connect-IP: 82.83.227.205
X-SA-Exim-Mail-From: jmm@inutil.org
X-SA-Exim-Scanned: No (on inutil.org); SAEximRunCond expanded to false
X-Debian: PGP check passed for security officers
Subject: [SECURITY] [DSA 2230-1] qemu-kvm security update
Priority: urgent
X-Rc-Spam: 2008-11-04_01
X-Debian: PGP check passed for security officers
X-Rc-Virus: 2007-09-13_01
X-Rc-Spam: 2008-11-04_01
Resent-Message-ID: <uyRm7GfKl9I.A.EeB.XZcvNB@liszt>
Reply-To: listadmin@securityfocus.com
Mail-Followup-To: bugtraq@securityfocus.com
To: bugtraq@securityfocus.com
Resent-Date: Sun, 1 May 2011 20:45:11 +0000 (UTC)
Resent-From: list@liszt.debian.org (Mailing List Manager)
Status:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2230-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
May 01, 2011
http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : qemu-kvm
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-0011 CVE-2011-1750
Debian Bug : 611134 624177
Two vulnerabilities have been discovered in KVM, a solution for full
virtualization on x86 hardware:
CVE-2011-0011
Setting the VNC password to an empty string silently disabled
all authentication.
CVE-2011-1750
The virtio-blk driver performed insufficient validation of
read/write I/O from the guest instance, which could lead to
denial of service or privilege escalation.
The oldstable distribution (lenny) is not affected by this problem.
For the stable distribution (squeeze), this problem has been fixed in
version 0.12.5+dfsg-5+squeeze1.
The unstable distribution (sid) will be fixed soon.
We recommend that you upgrade your qemu-kvm packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk29wnAACgkQXm3vHE4uylryIgCfX1ir5Gij+wdKVZF5oDSCmQO2
zxwAoOASbXvN+zR3ZaEgPF+3AExWeAZU
�xw
-----END PGP SIGNATURE-----
From - Mon May 2 10:38:21 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e00015768
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46772-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id D2BD9EC1ED
for <lists@securityspace.com>; Mon, 2 May 2011 10:33:35 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id C8262143A66; Mon, 2 May 2011 07:30:50 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 9242 invoked from network); 30 Apr 2011 04:10:26 -0000
MIME-Version: 1.0
X-Originating-IP: [120.20.125.98]
Date: Sat, 30 Apr 2011 14:10:22 +1000
Message-ID: <BANLkTikViyxYhxXOf0f2WqzP48eQzWfrYw@mail.gmail.com>
Subject: OSI Security: LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability
From: Patrick Webster <patrick@osisecurity.com.au>
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Status:
LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability
http://www.osisecurity.com.au/advisories/lansa-axes-web-terminal-tn5250-cross-site-scripting
Release Date:
30-Apr-2011
Software:
LANSA - aXes
http://www.lansa.com
http://www.axeslive.com
"Transform your 5250 applications into GUI browser-based applications
automatically � without changing any lines of your source code. Work with
IBM i, System i, iSeries and AS/400 5250 applications securely and efficiently
from browser-based devices running across the Internet, inside your corporate
Intranet or on a mobile network."
Versions tested:
Version V1R3M5 / VRM130.000 (135001) has been confirmed as
vulnerable. Other versions untested.
Vulnerability discovered:
Cross-site Scripting
Vulnerability impact:
Low - Remote content may contain JavaScript which is client executed.
May be used to steal authentication information.
Vulnerability information:
The remote page may contain JavaScript for XSS purposes, e.g. cookies.
Example:
https://[target]/axests/terminal?cssref=/ts/skins/axes_default.css?axbuild=135001&login="><script>alert("XSS");</script>
Recommendation:
Vendor did not respond.
Workaround:
Disable JavaScript, use a WAF / IDS etc.
Credit:
This vulnerability was discovered by Patrick Webster.
Disclosure timeline:
18-Sep-2010 - Discovered during audit.
23-Sep-2010 - Notified vendor. Received automated support ticket.
30-Apr-2011 - Disclosure.
About OSI Security:
OSI Security is an independent network and computer security auditing
and consulting company based in Sydney, Australia. We provide internal
and external penetration testing, vulnerability auditing and wireless
site audits, vendor product assessments, secure network design,
forensics and risk mitigation services.
We can be found at
http://www.osisecurity.com.au/
From - Mon May 2 10:48:22 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e00015769
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46776-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id AF377EC203
for <lists@securityspace.com>; Mon, 2 May 2011 10:41:59 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id C68F2143D57; Mon, 2 May 2011 07:38:04 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 9597 invoked from network); 1 May 2011 16:51:12 -0000
Resent-Cc: recipient list not shown: ;
Old-Return-Path: <jmm@inutil.org>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on liszt.debian.org
X-Spam-Level:
X-Spam-Status: No, score=-12.7 required=4.0 tests=FVGT_m_MULTI_ODD,
IMPRONONCABLE_2,LDO_WHITELIST,MURPHY_WRONG_WORD1,MURPHY_WRONG_WORD2,
PGPSIGNATURE,RCVD_IN_DNSWL_MED autolearn�iled version=3.2.5
X-Original-To: lists-debian-security-announce@liszt.debian.org
Delivered-To: lists-debian-security-announce@liszt.debian.org
X-Virus-Scanned: at lists.debian.org with policy bank moderated
X-Amavis-Spam-Status: No, score=-14.68 tagged_above=-10000 required=5.3
tests=[BAYES_00=-2, FVGT_m_MULTI_ODD=0.02, IMPRONONCABLE_2=1,
LDO_WHITELIST=-5, MURPHY_WRONG_WORD1=0.1, MURPHY_WRONG_WORD2=0.2,
PGPSIGNATURE=-5, RCVD_IN_DNSWL_MED=-4] autolearn=ham
X-policyd-weight: using cached result; rate: -6.1
Date: Sun, 1 May 2011 18:34:39 +0200
From: Moritz Muehlenhoff <jmm@debian.org>
Message-ID: <20110501163439.GA3972@pisco.westfalen.local>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-SA-Exim-Connect-IP: 82.83.227.205
X-SA-Exim-Mail-From: jmm@inutil.org
X-SA-Exim-Scanned: No (on inutil.org); SAEximRunCond expanded to false
X-Debian: PGP check passed for security officers
Subject: [SECURITY] [DSA 2228-1] iceweasel security update
Priority: urgent
X-Rc-Spam: 2008-11-04_01
X-Debian: PGP check passed for security officers
X-Rc-Virus: 2007-09-13_01
X-Rc-Spam: 2008-11-04_01
Resent-Message-ID: <8x6wDGxQIeB.A.eZF.99YvNB@liszt>
Reply-To: listadmin@securityfocus.com
Mail-Followup-To: bugtraq@securityfocus.com
To: bugtraq@securityfocus.com
Resent-Date: Sun, 1 May 2011 16:51:09 +0000 (UTC)
Resent-From: list@liszt.debian.org (Mailing List Manager)
Status:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2228-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
May 01, 2011
http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : iceweasel
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-0065 CVE-2011-0066 CVE-2011-0067 CVE-2011-0069
CVE-2011-0070 CVE-2011-0071 CVE-2011-0072 CVE-2011-0073
CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078
CVE-2011-0080 CVE-2011-0081
Several vulnerabilities have been found in Iceweasel, a web browser
based on Firefox:
CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081
"Scoobidiver", Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,
Mats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella
discovered memory corruption bugs, which may lead to the execution
of arbitrary code.
CVE-2011-0065 CVE-2011-0066 CVE-2011-0073
"regenrecht" discovered several dangling pointer vulnerabilities,
which may lead to the execution of arbitrary code.
CVE-2011-0067
Paul Stone discovered that Java applets could steal information
from the autocompletion history.
CVE-2011-0071
Soroush Dalili discovered a directory traversal vulnerability in
handling resource URIs.
For the oldstable distribution (lenny), this problem will be fixed soon
with updated packages of the xulrunner source package.
For the stable distribution (squeeze), this problem has been fixed in
version 3.5.16-7.
For the unstable distribution (sid), this problem has been fixed in
version 3.5.19-1.
We recommend that you upgrade your iceweasel packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
http://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk29i0gACgkQXm3vHE4uylr/OgCcC3KlHiOU6BKrTMMIDRkT2M39
xIYAn1xDbyNGKsrjLAfat/aMdDw73uYc
=PozC
-----END PGP SIGNATURE-----
From - Mon May 2 10:48:22 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e0001576b
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46769-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 48AF9EC203
for <lists@securityspace.com>; Mon, 2 May 2011 10:46:51 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 26B5E1436EF; Mon, 2 May 2011 07:22:14 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 4474 invoked from network); 30 Apr 2011 00:07:40 -0000
Message-ID: <4DBB52BE.2040702@canonical.com>
Date: Fri, 29 Apr 2011 19:07:26 -0500
From: Micah Gersten <micah@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110424 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Subject: [USN-1112-1] Firefox and Xulrunner vulnerabilities
X-Enigmail-Version: 1.1.2
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="------------enig9DD6338BB93BDDE4B5AFC9F5"
Status:
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig9DD6338BB93BDDE4B5AFC9F5
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1112-1
April 29, 2011
firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.10
- Ubuntu 10.04 LTS
- Ubuntu 9.10
- Ubuntu 8.04 LTS
Summary:
Multiple vulnerabilities in Firefox and Xulrunner
Software Description:
- firefox: safe and easy web browser from Mozilla
- xulrunner-1.9.2: XUL + XPCOM application runner
- firefox-3.5: safe and easy web browser from Mozilla
- firefox-3.0: safe and easy web browser from Mozilla
Details:
It was discovered that there was a vulnerability in the memory handling of
certain types of content. An attacker could exploit this to possibly run
arbitrary code as the user running Firefox. (CVE-2011-0081)
It was discovered that Firefox incorrectly handled certain JavaScript
requests. An attacker could exploit this to possibly run arbitrary code as
the user running Firefox. (CVE-2011-0069)
Ian Beer discovered a vulnerability in the memory handling of a certain
types of documents. An attacker could exploit this to possibly run
arbitrary code as the user running Firefox. (CVE-2011-0070)
Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren and Jesse Ruderman
discovered several memory vulnerabilities. An attacker could exploit these
to possibly run arbitrary code as the user running Firefox. (CVE-2011-0080)
Aki Helin discovered multiple vulnerabilities in the HTML rendering code.
An attacker could exploit these to possibly run arbitrary code as the user
running Firefox. (CVE-2011-0074, CVE-2011-0075)
Ian Beer discovered multiple overflow vulnerabilities. An attacker could
exploit these to possibly run arbitrary code as the user running Firefox.
(CVE-2011-0077, CVE-2011-0078)
Martin Barbella discovered a memory vulnerability in the handling of
certain DOM elements. An attacker could exploit this to possibly run
arbitrary code as the user running Firefox. (CVE-2011-0072)
It was discovered that there were use-after-free vulnerabilities in
Firefox's mChannel and mObserverList objects. An attacker could exploit
these to possibly run arbitrary code as the user running Firefox.
(CVE-2011-0065, CVE-2011-0066)
It was discovered that there was a vulnerability in the handling of the
nsTreeSelection element. An attacker serving malicious content could
exploit this to possibly run arbitrary code as the user running Firefox.
(CVE-2011-0073)
Paul Stone discovered a vulnerability in the handling of Java applets. An
attacker could use this to mimic interaction with form autocomplete
controls and steal entries from the form history. (CVE-2011-0067)
Soroush Dalili discovered a vulnerability in the resource: protocol. This
could potentially allow an attacker to load arbitrary files that were
accessible to the user running Firefox. (CVE-2011-0071)
Chris Evans discovered a vulnerability in Firefox's XSLT generate-id()
function. An attacker could possibly use this vulnerability to make other
attacks more reliable. (CVE-2011-1202)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 10.10:
firefox 3.6.17+build3+nobinonly-0ubuntu0.10.10.1
xulrunner-1.9.2 1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1
Ubuntu 10.04 LTS:
firefox 3.6.17+build3+nobinonly-0ubuntu0.10.04.1
xulrunner-1.9.2 1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1
Ubuntu 9.10:
firefox 3.6.17+build3+nobinonly-0ubuntu0.9.10.1
xulrunner-1.9.2 1.9.2.17+build3+nobinonly-0ubuntu0.9.10.1
Ubuntu 8.04 LTS:
firefox 3.6.17+build3+nobinonly-0ubuntu0.8.04.1
xulrunner-1.9.2 1.9.2.17+build3+nobinonly-0ubuntu0.8.04.1
After a standard system update you need to restart Firefox and any
applications which use Xulrunner to make all the necessary changes.
References:
CVE-2011-0081 CVE-2011-0069 CVE-2011-0070 CVE-2011-0080 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0072 CVE-2011-0065 CVE-2011-0066 CVE-2011-0073 CVE-2011-0067 CVE-2011-0071 CVE-2011-1202
Package Information:
https://launchpad.net/ubuntu/+source/firefox/3.6.17+build3+nobinonly-0ubuntu0.10.10.1
https://launchpad.net/ubuntu/+source/xulrunner-1.9.2/1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1
https://launchpad.net/ubuntu/+source/firefox/3.6.17+build3+nobinonly-0ubuntu0.10.04.1
https://launchpad.net/ubuntu/+source/xulrunner-1.9.2/1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1
https://launchpad.net/ubuntu/+source/firefox-3.5/3.6.17+build3+nobinonly-0ubuntu0.9.10.1
https://launchpad.net/ubuntu/+source/xulrunner-1.9.2/1.9.2.17+build3+nobinonly-0ubuntu0.9.10.1
https://launchpad.net/ubuntu/+source/firefox-3.0/3.6.17+build3+nobinonly-0ubuntu0.8.04.1
https://launchpad.net/ubuntu/+source/xulrunner-1.9.2/1.9.2.17+build3+nobinonly-0ubuntu0.8.04.1
--------------enig9DD6338BB93BDDE4B5AFC9F5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk27UsUACgkQTniv4aqX/VnKqACfYOkugoxhRhyTQPCOaYwPg24G
2XUAn1MO0BzWcUvwpnUowEsXK6ytWxZq
�SA
-----END PGP SIGNATURE-----
--------------enig9DD6338BB93BDDE4B5AFC9F5--
From - Mon May 2 10:58:21 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e0001576c
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46781-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 2D514EC12E
for <lists@securityspace.com>; Mon, 2 May 2011 10:53:19 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id D4E4A143D66; Mon, 2 May 2011 07:48:14 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 24342 invoked from network); 1 May 2011 22:59:31 -0000
Date: Sun, 1 May 2011 16:59:30 -0600
Message-Id: <201105012259.p41MxUeQ010085@www3.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.420 (Entity 5.420)
From: cxib@securityreason.com
To: bugtraq@securityfocus.com
Subject: Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion
Status:
[ Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion ]
Author: Maksymilian Arciemowicz
http://netbsd.org/donations/
http://securityreason.com/
http://cxib.net/
Date:
- Dis.: 19.01.2011
- Pub.: 02.05.2011
CVE: CVE-2011-0418
Affected Software (verified):
- NetBSD 5.1
- and more
Original URL:
http://securityreason.com/achievement_securityalert/97
--- 0.Description ---
#include <glob.h>
int glob(const char *pattern, int flags,
int (*errfunc)(const char *epath, int eerrno), glob_t *pglob);
Description
This function expands a filename wildcard which is passed as pattern.
GLOB_LIMIT Limit the amount of memory used by matches to ARG_MAX. This option should be set for programs that can be coerced to a denial of service attack via patterns that expand to a very large number of matches, such as a long string of */../*/..
--- 1. Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion ---
Analyzing history of GLOB_LIMIT, we should start since 2001, where it has been added to protect ftp servers before memory exhaustion.
http://www.mail-archive.com/bugtraq@securityfocus.com/msg04960.html
Any 'pattern', should be limited and controlled by GLOB LIMIT. Algorithm used in glob(3) is not optimal, and doesn't support functions like realpath() to eliminate duplicates. It's not easy to predict the greatest possible complexity. Anyway in 2010, netbsd has extended GLOB_LIMIT for a few new limits like: stats, readdir and malloc
OpenBSD has localized some integer overflow. In glob(3) function, exists some malloc() allowing allocate n<INT_MAX bytes into memory.
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/glob.c.diff?r1=1.34;r2=1.35;f=h
-globextend()/openbsd--
749: newn = 2 + pglob->gl_pathc + pglob->gl_offs;
750: if (pglob->gl_offs >= INT_MAX ||
751: pglob->gl_pathc >= INT_MAX ||
752: newn >= INT_MAX ||
753: SIZE_MAX / sizeof(*pathv) <= newn ||
754: SIZE_MAX / sizeof(*statv) <= newn) {
755: nospace:
756: for (i = pglob->gl_offs; i < (ssize_t)(newn - 2); i++) {
757: if (pglob->gl_pathv && pglob->gl_pathv[i])
758: free(pglob->gl_pathv[i]);
759: if ((pglob->gl_flags & GLOB_KEEPSTAT) != 0 &&
760: pglob->gl_pathv && pglob->gl_pathv[i])
761: free(pglob->gl_statv[i]);
762: }
763: if (pglob->gl_pathv) {
764: free(pglob->gl_pathv);
765: pglob->gl_pathv = NULL;
766: }
767: if (pglob->gl_statv) {
768: free(pglob->gl_statv);
769: pglob->gl_statv = NULL;
770: }
771: return(GLOB_NOSPACE);
772: }
-globextend()/openbsd--
however SIZE_MAX and INT_MAX doesn't protect us before memory exhaustion. The real problem here is uncontrolled malloc(3) call. globextend() will be executed a lot of times and we should reduce calls to glob0() and globexp1(). Therefore has been created a new limit, limiting 'braces' used in 'pattern'.
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c.diff?r1=text&tr1=1.27&r2=text&tr2=1.29
If we don't reduce this call
-globextend()/netbsd--
static int
globextend(const Char *path, glob_t *pglob, size_t *limit)
{
char **pathv;
size_t i, newsize, len;
char *copy;
const Char *p;
_DIAGASSERT(path != NULL);
_DIAGASSERT(pglob != NULL);
newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs);
pathv = pglob->gl_pathv ? realloc(pglob->gl_pathv, newsize) :
malloc(newsize); <==== UNSECURE CALL
..
-globextend()/netbsd--
newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs);
malloc(3) try allocate (4*pglob->gl_pathc) bytes.
-PoC-
USER anonymous
PASS bla@bla.bla
STAT {a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}{a,b}
-PoC-
in result we get
Jan 19 04:49:17 127 /netbsd: UVM: pid 615 (ftpd), uid 1003 killed: out of swap
Many servers are still vulnerable to the above vulnerability and CVE-2010-4754, CVE-2010-4755, CVE-2010-4756, CVE-2010-2632. Servers like ftp.sun.com ftp.sony.com seems still be affected.
--- 2. References ---
http://securityreason.com/achievement_securityalert/89
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
http://support.avaya.com/css/P8/documents/100127892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2632
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4754
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4755
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0418
PoC:
change 'pattern' in
http://cxib.net/stuff/glob-0day.c
--- 3. Fix ---
Use CVS netbsd-5 netbsd-5-1 netbsd-5-0
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/glob.c
--- 4. Greets ---
Specials thanks for Christos Zoulas, spz
sp3x, Infospec
--- 5. Contact ---
Author: Maksymilian Arciemowicz
Email:
- cxib {a\./t] securityreason [d=t} com
GPG:
-
http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
http://netbsd.org/donations/
http://securityreason.com/
http://cxib.net/
From - Mon May 2 11:08:21 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e0001576d
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46770-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 80BB2EC203
for <lists@securityspace.com>; Mon, 2 May 2011 11:02:53 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id BF4101439B0; Mon, 2 May 2011 07:26:22 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 4774 invoked from network); 30 Apr 2011 00:22:59 -0000
Message-ID: <4DBB5658.9070100@canonical.com>
Date: Fri, 29 Apr 2011 19:22:48 -0500
From: Micah Gersten <micah@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110424 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Subject: [USN-1123-1] xulrunner-1.9.1 vulnerabilities
X-Enigmail-Version: 1.1.2
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="------------enigC372335CCC37D5CEE256DA25"
Status:
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigC372335CCC37D5CEE256DA25
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1123-1
April 30, 2011
xulrunner-1.9.1 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 9.10
Summary:
Multiple xulrunner-1.9.1 vulnerabilities
Software Description:
- xulrunner-1.9.1: XUL + XPCOM application runner
Details:
A large number of security issues were discovered in the Gecko rendering
engine. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 9.10:
xulrunner-1.9.1 1.9.1.19+build2+nobinonly-0ubuntu0.9.10.1
After a standard system update you need to restart any applications which
use Xulrunner to make all the necessary changes.
References:
CVE-2010-3776 CVE-2010-3778 CVE-2011-0053 CVE-2011-0062 CVE-2011-0051 CVE-2011-0055 CVE-2011-0054 CVE-2011-0056 CVE-2011-0057 CVE-2011-0058 CVE-2010-1585 CVE-2011-0059 CVE-2011-0069 CVE-2011-0070 CVE-2011-0080 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0072 CVE-2011-0065 CVE-2011-0066 CVE-2011-0073 CVE-2011-0067 CVE-2011-0071 CVE-2011-1202
Package Information:
https://launchpad.net/ubuntu/+source/xulrunner-1.9.1/1.9.1.19+build2+nobinonly-0ubuntu0.9.10.1
--------------enigC372335CCC37D5CEE256DA25
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk27VlgACgkQTniv4aqX/VnGFQCeITthesbBBwXMjryWYLnC3JEW
1w8An2gU6wCRR9H/00bckRZavrXvXg8O
=gnx9
-----END PGP SIGNATURE-----
--------------enigC372335CCC37D5CEE256DA25--
From - Mon May 2 11:18:21 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e0001576e
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46775-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 8223FEC203
for <lists@securityspace.com>; Mon, 2 May 2011 11:11:01 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id B7B7D143CE9; Mon, 2 May 2011 07:36:50 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 5416 invoked from network); 1 May 2011 11:54:09 -0000
To: bugtraq@securityfocus.com
Subject: [ MDVSA-2011:080 ] mozilla-thunderbird
Date: Sun, 01 May 2011 13:54:00 +0200
From: security@mandriva.com
Reply-To: <xsecurity@mandriva.com>
Message-Id: <E1QGVDs-0003F9-LH@titan.mandriva.com>
Status:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:080
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mozilla-thunderbird
Date : May 1, 2011
Affected: 2009.0, 2010.0, 2010.1
_______________________________________________________________________
Problem Description:
Security issues were identified and fixed in mozilla-thunderbird:
Security researcher Soroush Dalili reported that the resource:
protocol could be exploited to allow directory traversal on
Windows and the potential loading of resources from non-permitted
locations. The impact would depend on whether interesting files
existed in predictable locations in a useful format. For example,
the existence or non-existence of particular images might indicate
whether certain software was installed (CVE-2011-0071).
Mozilla developers identified and fixed several memory safety
bugs in the browser engine used in Firefox and other Mozilla-based
products. Some of these bugs showed evidence of memory corruption under
certain circumstances, and we presume that with enough effort at least
some of these could be exploited to run arbitrary code (CVE-2011-0081,
CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074,
CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072).
The mozilla-thunderbird-lightning package shipped with MDVSA-2011:042
had a packaging bug that prevented extension to be loaded (#59951).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath�9&products_idI0
Additionally, some packages which require so, have been rebuilt and
are being provided as updates.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0075
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0072
http://www.mozillamessaging.com/en-US/thunderbird/3.1.10/releasenotes/
https://qa.mandriva.com/59951
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0:
e7b632cce176f1dbca25c727989b955b 2009.0/i586/beagle-0.3.8-13.37mdv2009.0.i586.rpm
05693aa99e3c452e910cdefc44a74ae1 2009.0/i586/beagle-crawl-system-0.3.8-13.37mdv2009.0.i586.rpm
49a7f8e760455fcaf7f3e1e87093e01e 2009.0/i586/beagle-doc-0.3.8-13.37mdv2009.0.i586.rpm
7d17c0fd0b6fbdbe73f681bd577ca5e5 2009.0/i586/beagle-epiphany-0.3.8-13.37mdv2009.0.i586.rpm
6536a899634b8030f85ce18e98e65a7b 2009.0/i586/beagle-evolution-0.3.8-13.37mdv2009.0.i586.rpm
7987f4088e616428cc7ab4c8c43ff4cb 2009.0/i586/beagle-gui-0.3.8-13.37mdv2009.0.i586.rpm
39c8cf0575a0cf21c6e1b52600a2a71e 2009.0/i586/beagle-gui-qt-0.3.8-13.37mdv2009.0.i586.rpm
2ec41a45964a4860efa75ad0de0196cd 2009.0/i586/beagle-libs-0.3.8-13.37mdv2009.0.i586.rpm
d9f91af8eca4fa11cccd912fa71175a6 2009.0/i586/firefox-ext-beagle-0.3.8-13.37mdv2009.0.i586.rpm
6e2f679100352f14248badf320d4c3dc 2009.0/i586/mozilla-thunderbird-3.1.10-0.1mdv2009.0.i586.rpm
d3fd59371545c804817a4199f1eafe50 2009.0/i586/mozilla-thunderbird-af-3.1.10-0.1mdv2009.0.noarch.rpm
ecc752de97a0912dc5e6231e500aa6cd 2009.0/i586/mozilla-thunderbird-ar-3.1.10-0.1mdv2009.0.noarch.rpm
ed0085606edc396a96e417760bc66b38 2009.0/i586/mozilla-thunderbird-be-3.1.10-0.1mdv2009.0.noarch.rpm
57aa55dd78e3295810c15a7573a0c9bb 2009.0/i586/mozilla-thunderbird-beagle-0.3.8-13.37mdv2009.0.i586.rpm
87b945425598bacc7a2b7ca4a638681b 2009.0/i586/mozilla-thunderbird-bg-3.1.10-0.1mdv2009.0.noarch.rpm
11c8fe14baa873b7145f33e9e6c3837e 2009.0/i586/mozilla-thunderbird-bn_BD-3.1.10-0.1mdv2009.0.noarch.rpm
96f15277c72e5d6a17235aefb6cfaf9e 2009.0/i586/mozilla-thunderbird-ca-3.1.10-0.1mdv2009.0.noarch.rpm
c720e95ea15fd98da8cb533f3c232212 2009.0/i586/mozilla-thunderbird-cs-3.1.10-0.1mdv2009.0.noarch.rpm
9f5c2e5c050193189b9fb46272ad88b1 2009.0/i586/mozilla-thunderbird-da-3.1.10-0.1mdv2009.0.noarch.rpm
3387021b0c281155d0297d75041bdcf0 2009.0/i586/mozilla-thunderbird-de-3.1.10-0.1mdv2009.0.noarch.rpm
d363d946595f7b02cbcdc2db1873a739 2009.0/i586/mozilla-thunderbird-el-3.1.10-0.1mdv2009.0.noarch.rpm
0e34f4ac3c1c24a95c99f264b72d3df3 2009.0/i586/mozilla-thunderbird-en_GB-3.1.10-0.1mdv2009.0.noarch.rpm
731b9875a2057e7a855f2489a4d63ff0 2009.0/i586/mozilla-thunderbird-enigmail-3.1.10-0.1mdv2009.0.i586.rpm
7607c67628a3dd47ffe68f25ca59a551 2009.0/i586/mozilla-thunderbird-enigmail-ar-3.1.10-0.1mdv2009.0.i586.rpm
4d7c09538c35625b3a412bfb18309d52 2009.0/i586/mozilla-thunderbird-enigmail-ca-3.1.10-0.1mdv2009.0.i586.rpm
8e8736033e5fa1daed5e8c4c9c864a80 2009.0/i586/mozilla-thunderbird-enigmail-cs-3.1.10-0.1mdv2009.0.i586.rpm
a322a92a5f29cdc5970f0d81c094c661 2009.0/i586/mozilla-thunderbird-enigmail-de-3.1.10-0.1mdv2009.0.i586.rpm
7a7842f555abcb3d7a1250bc543d3b4f 2009.0/i586/mozilla-thunderbird-enigmail-el-3.1.10-0.1mdv2009.0.i586.rpm
ca3faab601048fab11c5788375b549cb 2009.0/i586/mozilla-thunderbird-enigmail-es-3.1.10-0.1mdv2009.0.i586.rpm
834bd93143251dc2165e4386de3b1ae4 2009.0/i586/mozilla-thunderbird-enigmail-fi-3.1.10-0.1mdv2009.0.i586.rpm
0268997dfaf0ff58576683f46506ec2a 2009.0/i586/mozilla-thunderbird-enigmail-fr-3.1.10-0.1mdv2009.0.i586.rpm
587383e978895bef356e85808170cb00 2009.0/i586/mozilla-thunderbird-enigmail-hu-3.1.10-0.1mdv2009.0.i586.rpm
065a28e5439b64ff33cd263caaf7c1ff 2009.0/i586/mozilla-thunderbird-enigmail-it-3.1.10-0.1mdv2009.0.i586.rpm
72e8539c4d8a835e73539451f9d79743 2009.0/i586/mozilla-thunderbird-enigmail-ja-3.1.10-0.1mdv2009.0.i586.rpm
ec2fa39093b1b45deda75c8b4f3ce539 2009.0/i586/mozilla-thunderbird-enigmail-ko-3.1.10-0.1mdv2009.0.i586.rpm
9a35a0719eba20dfb9f42ef77e729aa4 2009.0/i586/mozilla-thunderbird-enigmail-nb-3.1.10-0.1mdv2009.0.i586.rpm
eba60cfa265e2f9b4e00219d26ec253a 2009.0/i586/mozilla-thunderbird-enigmail-nl-3.1.10-0.1mdv2009.0.i586.rpm
eff956e0c686e501ce88c4bad777059c 2009.0/i586/mozilla-thunderbird-enigmail-pl-3.1.10-0.1mdv2009.0.i586.rpm
0eb4176bcabc3d5e2497ad256e6abaa1 2009.0/i586/mozilla-thunderbird-enigmail-pt-3.1.10-0.1mdv2009.0.i586.rpm
fa40c74eff022ce33ce63f2249bf2366 2009.0/i586/mozilla-thunderbird-enigmail-pt_BR-3.1.10-0.1mdv2009.0.i586.rpm
874811bfb68c2e43b46429566cc26853 2009.0/i586/mozilla-thunderbird-enigmail-ru-3.1.10-0.1mdv2009.0.i586.rpm
6dc33d1155680cf099d9285181d5b78a 2009.0/i586/mozilla-thunderbird-enigmail-sl-3.1.10-0.1mdv2009.0.i586.rpm
45ad15f2747ac158f30caefd014ebef5 2009.0/i586/mozilla-thunderbird-enigmail-sv-3.1.10-0.1mdv2009.0.i586.rpm
444a9a3a0e39e1b39b1b90b2197e148e 2009.0/i586/mozilla-thunderbird-enigmail-tr-3.1.10-0.1mdv2009.0.i586.rpm
853261565ba38d67e49adaff5383eb5d 2009.0/i586/mozilla-thunderbird-enigmail-vi-3.1.10-0.1mdv2009.0.i586.rpm
dd2603a66f00114e95a1f06a37d55a65 2009.0/i586/mozilla-thunderbird-enigmail-zh_CN-3.1.10-0.1mdv2009.0.i586.rpm
078b06609b4f0cec10733e1725c77e33 2009.0/i586/mozilla-thunderbird-enigmail-zh_TW-3.1.10-0.1mdv2009.0.i586.rpm
4a3fd73831cd2f0be817098168c14bec 2009.0/i586/mozilla-thunderbird-es_AR-3.1.10-0.1mdv2009.0.noarch.rpm
22a5977edff9ec0c20e308947ed2d865 2009.0/i586/mozilla-thunderbird-es_ES-3.1.10-0.1mdv2009.0.noarch.rpm
1c4f2a2b83b3cf5f2c7ec661818cc127 2009.0/i586/mozilla-thunderbird-et-3.1.10-0.1mdv2009.0.noarch.rpm
47bb699d09e3f7e995039e811d82f99e 2009.0/i586/mozilla-thunderbird-et_EE-3.1.10-0.1mdv2009.0.noarch.rpm
84287554bfc41bb77e30a905e43b3e8e 2009.0/i586/mozilla-thunderbird-eu-3.1.10-0.1mdv2009.0.noarch.rpm
74a7b1a1c41d69d252148a329921c981 2009.0/i586/mozilla-thunderbird-fi-3.1.10-0.1mdv2009.0.noarch.rpm
83e33e1b647ff2c481b4253566b84ca1 2009.0/i586/mozilla-thunderbird-fr-3.1.10-0.1mdv2009.0.noarch.rpm
4d9677f4c68921ee34d53baf4f74cb28 2009.0/i586/mozilla-thunderbird-fy-3.1.10-0.1mdv2009.0.noarch.rpm
bd82cfadfa5a14b87973e266b86935cf 2009.0/i586/mozilla-thunderbird-ga-3.1.10-0.1mdv2009.0.noarch.rpm
bbff458fafd31bfe202f34643e80d91a 2009.0/i586/mozilla-thunderbird-gd-3.1.10-0.1mdv2009.0.noarch.rpm
a53a0641bc8224e290d0ef6f0d3ed629 2009.0/i586/mozilla-thunderbird-gl-3.1.10-0.1mdv2009.0.noarch.rpm
904940a88e0784da5ff20385480e1211 2009.0/i586/mozilla-thunderbird-he-3.1.10-0.1mdv2009.0.noarch.rpm
c6ed7edd2be2b57bbd81c633db28082a 2009.0/i586/mozilla-thunderbird-hu-3.1.10-0.1mdv2009.0.noarch.rpm
313abe23262a2aaec96b7d6fdb676a97 2009.0/i586/mozilla-thunderbird-id-3.1.10-0.1mdv2009.0.noarch.rpm
9d061fe50e4d1757bbcf96f50ccfe125 2009.0/i586/mozilla-thunderbird-is-3.1.10-0.1mdv2009.0.noarch.rpm
f3db484d5faa3e55053c6977283f0265 2009.0/i586/mozilla-thunderbird-it-3.1.10-0.1mdv2009.0.noarch.rpm
a2e07167333b4d6e3ddcef5f940895eb 2009.0/i586/mozilla-thunderbird-ja-3.1.10-0.1mdv2009.0.noarch.rpm
26fb65b6416fa7b63e117e1f53fe5879 2009.0/i586/mozilla-thunderbird-ka-3.1.10-0.1mdv2009.0.noarch.rpm
641b5b2b17de711d59ae4f51462de57f 2009.0/i586/mozilla-thunderbird-ko-3.1.10-0.1mdv2009.0.noarch.rpm
7e7d3d53f2369f9ea69268ecf6957622 2009.0/i586/mozilla-thunderbird-lightning-3.1.10-0.1mdv2009.0.i586.rpm
7f2db133ecc92d653c6fcfa222a33db9 2009.0/i586/mozilla-thunderbird-lt-3.1.10-0.1mdv2009.0.noarch.rpm
a00d220699ab53239124477447d0a73f 2009.0/i586/mozilla-thunderbird-nb_NO-3.1.10-0.1mdv2009.0.noarch.rpm
9f3058e5aeffe11a4fe69b8830c94811 2009.0/i586/mozilla-thunderbird-nl-3.1.10-0.1mdv2009.0.noarch.rpm
6e8fbb1feae86ab086155d381c32ab25 2009.0/i586/mozilla-thunderbird-nn_NO-3.1.10-0.1mdv2009.0.noarch.rpm
df4b5397b314198995a710dd3ec3c1ae 2009.0/i586/mozilla-thunderbird-pa_IN-3.1.10-0.1mdv2009.0.noarch.rpm
3516781340e15563d5c194a4e0f01fa3 2009.0/i586/mozilla-thunderbird-pl-3.1.10-0.1mdv2009.0.noarch.rpm
130b5dc835d49c874b98383cd85dd409 2009.0/i586/mozilla-thunderbird-pt_BR-3.1.10-0.1mdv2009.0.noarch.rpm
94cdb358ae8b6f332c03fb96db3330ba 2009.0/i586/mozilla-thunderbird-pt_PT-3.1.10-0.1mdv2009.0.noarch.rpm
3788d81c9a70dea78448c91a76cd1ebb 2009.0/i586/mozilla-thunderbird-ro-3.1.10-0.1mdv2009.0.noarch.rpm
278a4842a52e08c23b6c951c699a1913 2009.0/i586/mozilla-thunderbird-ru-3.1.10-0.1mdv2009.0.noarch.rpm
f3504e412dd21c8c18697e7be302a554 2009.0/i586/mozilla-thunderbird-si-3.1.10-0.1mdv2009.0.noarch.rpm
8e8bc7c5d96f42b8e954e0bb19180542 2009.0/i586/mozilla-thunderbird-sk-3.1.10-0.1mdv2009.0.noarch.rpm
1e8f0c1cfb49314c689fa61ad2c38a7e 2009.0/i586/mozilla-thunderbird-sl-3.1.10-0.1mdv2009.0.noarch.rpm
84aa2ff9c11745c3bf11c4f2e4ef20d3 2009.0/i586/mozilla-thunderbird-sq-3.1.10-0.1mdv2009.0.noarch.rpm
e1afd578e726726aeb251c8ce3e7bf21 2009.0/i586/mozilla-thunderbird-sr-3.1.10-0.1mdv2009.0.noarch.rpm
321a23cfb4e2130625f7aaa0b04ed13a 2009.0/i586/mozilla-thunderbird-sv_SE-3.1.10-0.1mdv2009.0.noarch.rpm
68cdec48c759e84b47c16a514cb9184e 2009.0/i586/mozilla-thunderbird-tr-3.1.10-0.1mdv2009.0.noarch.rpm
d6526cfb87acbbf25841aecd72adb0c4 2009.0/i586/mozilla-thunderbird-uk-3.1.10-0.1mdv2009.0.noarch.rpm
a4c17a8e22926f15f4e54ced7134936b 2009.0/i586/mozilla-thunderbird-vi-3.1.10-0.1mdv2009.0.noarch.rpm
e8abdd19afc391f01de5fb5e24a50b35 2009.0/i586/mozilla-thunderbird-zh_CN-3.1.10-0.1mdv2009.0.noarch.rpm
557633f30705dc9f808052832b625563 2009.0/i586/mozilla-thunderbird-zh_TW-3.1.10-0.1mdv2009.0.noarch.rpm
5397fc41f60d529b6ec531ad0659561a 2009.0/i586/nsinstall-3.1.10-0.1mdv2009.0.i586.rpm
dca6fc25016eaa3eef688f164f846ae2 2009.0/SRPMS/beagle-0.3.8-13.37mdv2009.0.src.rpm
d14223a3420b7b8bf019276de10f2f5e 2009.0/SRPMS/mozilla-thunderbird-3.1.10-0.1mdv2009.0.src.rpm
b2ab45601e0ba60d0d7eda141b9375d1 2009.0/SRPMS/mozilla-thunderbird-l10n-3.1.10-0.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
bbaf5e379ede0d6443d1ef096b739207 2009.0/x86_64/beagle-0.3.8-13.37mdv2009.0.x86_64.rpm
c122b27670ffb648b58f2ba56213b651 2009.0/x86_64/beagle-crawl-system-0.3.8-13.37mdv2009.0.x86_64.rpm
ba204f6ed9c417da5ae796318e8c4f1e 2009.0/x86_64/beagle-doc-0.3.8-13.37mdv2009.0.x86_64.rpm
0c9d4be5dd066f940dde18c04e78d8e2 2009.0/x86_64/beagle-epiphany-0.3.8-13.37mdv2009.0.x86_64.rpm
1c165574ca7a3179470dc315ebd56c0a 2009.0/x86_64/beagle-evolution-0.3.8-13.37mdv2009.0.x86_64.rpm
f25cfe33ce0fff77b7cda40bc68053c6 2009.0/x86_64/beagle-gui-0.3.8-13.37mdv2009.0.x86_64.rpm
32dd8fcdda39f666f2369860bb622a2a 2009.0/x86_64/beagle-gui-qt-0.3.8-13.37mdv2009.0.x86_64.rpm
736d603532a48d48f4f06e42da53fe5c 2009.0/x86_64/beagle-libs-0.3.8-13.37mdv2009.0.x86_64.rpm
646cb59795f5852b92b3fb1221984566 2009.0/x86_64/firefox-ext-beagle-0.3.8-13.37mdv2009.0.x86_64.rpm
bd90b23fc299abb6e7354ebee20468d5 2009.0/x86_64/mozilla-thunderbird-3.1.10-0.1mdv2009.0.x86_64.rpm
ed2109332e2680e13567a7973d1760f3 2009.0/x86_64/mozilla-thunderbird-af-3.1.10-0.1mdv2009.0.noarch.rpm
8496b73839e172bbda0c1e1d21152ca2 2009.0/x86_64/mozilla-thunderbird-ar-3.1.10-0.1mdv2009.0.noarch.rpm
8c483a0a22b31a3f0dc6845fda5b2d39 2009.0/x86_64/mozilla-thunderbird-be-3.1.10-0.1mdv2009.0.noarch.rpm
b1b935cc2cbde9d592daaeb0c464ddeb 2009.0/x86_64/mozilla-thunderbird-beagle-0.3.8-13.37mdv2009.0.x86_64.rpm
a6348d9ff16d6251664ebc6845b09e9f 2009.0/x86_64/mozilla-thunderbird-bg-3.1.10-0.1mdv2009.0.noarch.rpm
868096680227d1cbf5f1713c6f3df690 2009.0/x86_64/mozilla-thunderbird-bn_BD-3.1.10-0.1mdv2009.0.noarch.rpm
562d738bfbf056e7fefbd31f148c4786 2009.0/x86_64/mozilla-thunderbird-ca-3.1.10-0.1mdv2009.0.noarch.rpm
fba92b71eeede760a4734cd34e38c100 2009.0/x86_64/mozilla-thunderbird-cs-3.1.10-0.1mdv2009.0.noarch.rpm
855b7b8998e2fa3fe86a61ca4f57b1a0 2009.0/x86_64/mozilla-thunderbird-da-3.1.10-0.1mdv2009.0.noarch.rpm
fcae39f59b1553ee2b7f144502d25e7d 2009.0/x86_64/mozilla-thunderbird-de-3.1.10-0.1mdv2009.0.noarch.rpm
84abd36bda1949b01ddf0fc5a403776a 2009.0/x86_64/mozilla-thunderbird-el-3.1.10-0.1mdv2009.0.noarch.rpm
b6fcd62c2e1ae2aba7caaa0c1f52030e 2009.0/x86_64/mozilla-thunderbird-en_GB-3.1.10-0.1mdv2009.0.noarch.rpm
3782770841155431cbf75f8b0201ff68 2009.0/x86_64/mozilla-thunderbird-enigmail-3.1.10-0.1mdv2009.0.x86_64.rpm
e583a16156e4b31c20f75dc754194f77 2009.0/x86_64/mozilla-thunderbird-enigmail-ar-3.1.10-0.1mdv2009.0.x86_64.rpm
3629573c33b06a294520117f1b4d6bb8 2009.0/x86_64/mozilla-thunderbird-enigmail-ca-3.1.10-0.1mdv2009.0.x86_64.rpm
0e6d0016ff00bd08592d1aa20b20eee0 2009.0/x86_64/mozilla-thunderbird-enigmail-cs-3.1.10-0.1mdv2009.0.x86_64.rpm
c72ef68ba07b3df575ffff99f559257b 2009.0/x86_64/mozilla-thunderbird-enigmail-de-3.1.10-0.1mdv2009.0.x86_64.rpm
a6928b5f052632eb1b457fb9a4fc268e 2009.0/x86_64/mozilla-thunderbird-enigmail-el-3.1.10-0.1mdv2009.0.x86_64.rpm
f4d16278e4a5cb703b935e4f3d0f113e 2009.0/x86_64/mozilla-thunderbird-enigmail-es-3.1.10-0.1mdv2009.0.x86_64.rpm
cfe938eaa575947f0063572288d914c8 2009.0/x86_64/mozilla-thunderbird-enigmail-fi-3.1.10-0.1mdv2009.0.x86_64.rpm
759ee88315ecf8832cb1d1183b9c709a 2009.0/x86_64/mozilla-thunderbird-enigmail-fr-3.1.10-0.1mdv2009.0.x86_64.rpm
17ba8d3aaca17f7a27683ff99149b811 2009.0/x86_64/mozilla-thunderbird-enigmail-hu-3.1.10-0.1mdv2009.0.x86_64.rpm
57a01ce9a1b51e39d290ee1e17d4315e 2009.0/x86_64/mozilla-thunderbird-enigmail-it-3.1.10-0.1mdv2009.0.x86_64.rpm
508fced3aa205cae45b9106fb68f7334 2009.0/x86_64/mozilla-thunderbird-enigmail-ja-3.1.10-0.1mdv2009.0.x86_64.rpm
8303450d93b5f6bd5237194efac692dd 2009.0/x86_64/mozilla-thunderbird-enigmail-ko-3.1.10-0.1mdv2009.0.x86_64.rpm
0e5cfdb33bf057025147ea3cdcc615ca 2009.0/x86_64/mozilla-thunderbird-enigmail-nb-3.1.10-0.1mdv2009.0.x86_64.rpm
4f5452c515688bde5cd7b7d0f8b1de0d 2009.0/x86_64/mozilla-thunderbird-enigmail-nl-3.1.10-0.1mdv2009.0.x86_64.rpm
b47109e94332e1492ea28eecfaf97a8c 2009.0/x86_64/mozilla-thunderbird-enigmail-pl-3.1.10-0.1mdv2009.0.x86_64.rpm
eebc584ec17ca4700f2aa11ed3091750 2009.0/x86_64/mozilla-thunderbird-enigmail-pt-3.1.10-0.1mdv2009.0.x86_64.rpm
8f1903d9accb07531deb31c30e2bc120 2009.0/x86_64/mozilla-thunderbird-enigmail-pt_BR-3.1.10-0.1mdv2009.0.x86_64.rpm
340f7cdd5cd1456ab0298f6cc4c0514c 2009.0/x86_64/mozilla-thunderbird-enigmail-ru-3.1.10-0.1mdv2009.0.x86_64.rpm
8833f973a95d9904218fcb866858e314 2009.0/x86_64/mozilla-thunderbird-enigmail-sl-3.1.10-0.1mdv2009.0.x86_64.rpm
2304943597bb3ab7bab0cc0d9ba2351e 2009.0/x86_64/mozilla-thunderbird-enigmail-sv-3.1.10-0.1mdv2009.0.x86_64.rpm
db47a6ca4ea562ffa872c429fa65d7c2 2009.0/x86_64/mozilla-thunderbird-enigmail-tr-3.1.10-0.1mdv2009.0.x86_64.rpm
919d58e87b884c6145ba9d5c91daac51 2009.0/x86_64/mozilla-thunderbird-enigmail-vi-3.1.10-0.1mdv2009.0.x86_64.rpm
9dd758794662b033a0d2c3042ce5085d 2009.0/x86_64/mozilla-thunderbird-enigmail-zh_CN-3.1.10-0.1mdv2009.0.x86_64.rpm
9b80404ca3b26a9fda12c43d05305f4d 2009.0/x86_64/mozilla-thunderbird-enigmail-zh_TW-3.1.10-0.1mdv2009.0.x86_64.rpm
74d1223d8b37b9a9b18b3d72a1211cb0 2009.0/x86_64/mozilla-thunderbird-es_AR-3.1.10-0.1mdv2009.0.noarch.rpm
b9376f87f6a677bca335812ca267ac2a 2009.0/x86_64/mozilla-thunderbird-es_ES-3.1.10-0.1mdv2009.0.noarch.rpm
f0bbb9ec72aa7dfdf4d2dda675b50da8 2009.0/x86_64/mozilla-thunderbird-et-3.1.10-0.1mdv2009.0.noarch.rpm
feb68f126885700113a265be9e26d216 2009.0/x86_64/mozilla-thunderbird-et_EE-3.1.10-0.1mdv2009.0.noarch.rpm
91198c8ad0852b111182e74b8f17c73b 2009.0/x86_64/mozilla-thunderbird-eu-3.1.10-0.1mdv2009.0.noarch.rpm
4bee6d614914e65e8e9b9402b4a73be6 2009.0/x86_64/mozilla-thunderbird-fi-3.1.10-0.1mdv2009.0.noarch.rpm
2d77c06e2a8ad967e4f7984e7b2d74a6 2009.0/x86_64/mozilla-thunderbird-fr-3.1.10-0.1mdv2009.0.noarch.rpm
8123490ef6c85812fc1a5088b88d82dd 2009.0/x86_64/mozilla-thunderbird-fy-3.1.10-0.1mdv2009.0.noarch.rpm
cc3d56021ed5847115ae13a4b080ab07 2009.0/x86_64/mozilla-thunderbird-ga-3.1.10-0.1mdv2009.0.noarch.rpm
967b31dc1540304fda081ea016c68c28 2009.0/x86_64/mozilla-thunderbird-gd-3.1.10-0.1mdv2009.0.noarch.rpm
554088ad05f130236c9c11ca70b48685 2009.0/x86_64/mozilla-thunderbird-gl-3.1.10-0.1mdv2009.0.noarch.rpm
fd1b8f58839246c9142cb0adbd87afae 2009.0/x86_64/mozilla-thunderbird-he-3.1.10-0.1mdv2009.0.noarch.rpm
2d2c152065564691d81768592640176b 2009.0/x86_64/mozilla-thunderbird-hu-3.1.10-0.1mdv2009.0.noarch.rpm
1343fc51098df00aa1dd691f1aee1c54 2009.0/x86_64/mozilla-thunderbird-id-3.1.10-0.1mdv2009.0.noarch.rpm
e502d9a1733e3913d3898880a84e7a1b 2009.0/x86_64/mozilla-thunderbird-is-3.1.10-0.1mdv2009.0.noarch.rpm
5f295190b4cf4f5a36d6aefbad4c67a2 2009.0/x86_64/mozilla-thunderbird-it-3.1.10-0.1mdv2009.0.noarch.rpm
033cca1c5487d12ad1bdd68e9b3c1706 2009.0/x86_64/mozilla-thunderbird-ja-3.1.10-0.1mdv2009.0.noarch.rpm
51f2bc17e62e852541c7fa304e3eca99 2009.0/x86_64/mozilla-thunderbird-ka-3.1.10-0.1mdv2009.0.noarch.rpm
b7c7d357cf7a88f4afb48a8e11cd2fff 2009.0/x86_64/mozilla-thunderbird-ko-3.1.10-0.1mdv2009.0.noarch.rpm
d6e5554619efb2a0707a376bcb047dbc 2009.0/x86_64/mozilla-thunderbird-lightning-3.1.10-0.1mdv2009.0.x86_64.rpm
7558c037586cac921026e34009e3edef 2009.0/x86_64/mozilla-thunderbird-lt-3.1.10-0.1mdv2009.0.noarch.rpm
8bc4c49a5f6715d9955e9d9a2068cd0a 2009.0/x86_64/mozilla-thunderbird-nb_NO-3.1.10-0.1mdv2009.0.noarch.rpm
55366f8e9e31ffccc78c4333f9b83902 2009.0/x86_64/mozilla-thunderbird-nl-3.1.10-0.1mdv2009.0.noarch.rpm
3c4bcad3cbeccaff082ed1b3320f357c 2009.0/x86_64/mozilla-thunderbird-nn_NO-3.1.10-0.1mdv2009.0.noarch.rpm
403b30357205ef87429de9b22d32b72b 2009.0/x86_64/mozilla-thunderbird-pa_IN-3.1.10-0.1mdv2009.0.noarch.rpm
c6fd3c311f252b8b0154efe9441c8fbe 2009.0/x86_64/mozilla-thunderbird-pl-3.1.10-0.1mdv2009.0.noarch.rpm
5c3c67f7ae301bb4cf2f218bce155ee2 2009.0/x86_64/mozilla-thunderbird-pt_BR-3.1.10-0.1mdv2009.0.noarch.rpm
ff3bc5ab4aa11ec0727d341a6e24542b 2009.0/x86_64/mozilla-thunderbird-pt_PT-3.1.10-0.1mdv2009.0.noarch.rpm
f3c72dc0a320a5a71ee4f4e6ed0f798d 2009.0/x86_64/mozilla-thunderbird-ro-3.1.10-0.1mdv2009.0.noarch.rpm
92e2186e151d8851c4b9a4e9a8a6536c 2009.0/x86_64/mozilla-thunderbird-ru-3.1.10-0.1mdv2009.0.noarch.rpm
6c3acb3286178f1d9e54e428e29c7b4a 2009.0/x86_64/mozilla-thunderbird-si-3.1.10-0.1mdv2009.0.noarch.rpm
8cace5e5498cd00571eb99e7bde6a03f 2009.0/x86_64/mozilla-thunderbird-sk-3.1.10-0.1mdv2009.0.noarch.rpm
c4e532548f431f489ac6944bf9a4a663 2009.0/x86_64/mozilla-thunderbird-sl-3.1.10-0.1mdv2009.0.noarch.rpm
b1ff8ca468b92f30e874ad7c8fbf8bfe 2009.0/x86_64/mozilla-thunderbird-sq-3.1.10-0.1mdv2009.0.noarch.rpm
39206bfcf55adea0c2f9c7ea0bfd2890 2009.0/x86_64/mozilla-thunderbird-sr-3.1.10-0.1mdv2009.0.noarch.rpm
41eac8d762f95052741b2a2c236353c0 2009.0/x86_64/mozilla-thunderbird-sv_SE-3.1.10-0.1mdv2009.0.noarch.rpm
8d8ffc20adfed2a2b4a3cb0b9ce5e16d 2009.0/x86_64/mozilla-thunderbird-tr-3.1.10-0.1mdv2009.0.noarch.rpm
9f44a8867d21c4513b0818f3f1b0a3a2 2009.0/x86_64/mozilla-thunderbird-uk-3.1.10-0.1mdv2009.0.noarch.rpm
90b77897d660eebb096c1cb6472d43bc 2009.0/x86_64/mozilla-thunderbird-vi-3.1.10-0.1mdv2009.0.noarch.rpm
d4255667a4912e2977e738bdffb2168d 2009.0/x86_64/mozilla-thunderbird-zh_CN-3.1.10-0.1mdv2009.0.noarch.rpm
72488177e0e70ecb23231ab0512ceb04 2009.0/x86_64/mozilla-thunderbird-zh_TW-3.1.10-0.1mdv2009.0.noarch.rpm
a677b56d13a2cbd9ed59d2102a339d4a 2009.0/x86_64/nsinstall-3.1.10-0.1mdv2009.0.x86_64.rpm
dca6fc25016eaa3eef688f164f846ae2 2009.0/SRPMS/beagle-0.3.8-13.37mdv2009.0.src.rpm
d14223a3420b7b8bf019276de10f2f5e 2009.0/SRPMS/mozilla-thunderbird-3.1.10-0.1mdv2009.0.src.rpm
b2ab45601e0ba60d0d7eda141b9375d1 2009.0/SRPMS/mozilla-thunderbird-l10n-3.1.10-0.1mdv2009.0.src.rpm
Mandriva Linux 2010.0:
ca9016922584b2b9b75965e9fa3cac1d 2010.0/i586/beagle-0.3.9-20.25mdv2010.0.i586.rpm
c06ed01aa70268aac52099649faa2edc 2010.0/i586/beagle-crawl-system-0.3.9-20.25mdv2010.0.i586.rpm
60264f98c3875e39aee919784c1f3f61 2010.0/i586/beagle-doc-0.3.9-20.25mdv2010.0.i586.rpm
0717e1710483d47593c05c26799bc705 2010.0/i586/beagle-evolution-0.3.9-20.25mdv2010.0.i586.rpm
43ba3616b3632684e071bedf87167f00 2010.0/i586/beagle-gui-0.3.9-20.25mdv2010.0.i586.rpm
dcb3a21be01de2d394558bd641c287e3 2010.0/i586/beagle-gui-qt-0.3.9-20.25mdv2010.0.i586.rpm
a426844c3d72b9966173713efd74cd54 2010.0/i586/beagle-libs-0.3.9-20.25mdv2010.0.i586.rpm
218c118eb17f27ca42ee821d2e4b4e57 2010.0/i586/firefox-ext-beagle-0.3.9-20.25mdv2010.0.i586.rpm
0b2fac5575ad2c8f2fab63a04bd1284a 2010.0/i586/mozilla-thunderbird-3.1.10-0.1mdv2010.0.i586.rpm
cb040854ced3733af284797abe599f57 2010.0/i586/mozilla-thunderbird-af-3.1.10-0.1mdv2010.0.noarch.rpm
b0037e236818791c492cbd4c33f578f6 2010.0/i586/mozilla-thunderbird-ar-3.1.10-0.1mdv2010.0.noarch.rpm
3935b89740e5fd3232c3e8b0fc148059 2010.0/i586/mozilla-thunderbird-be-3.1.10-0.1mdv2010.0.noarch.rpm
0b14432c2fdee76740464a0aef791cdf 2010.0/i586/mozilla-thunderbird-beagle-0.3.9-20.25mdv2010.0.i586.rpm
fd92984c84e8a67e1ec674cec39689ec 2010.0/i586/mozilla-thunderbird-bg-3.1.10-0.1mdv2010.0.noarch.rpm
7f354d2b70b2c421caf82b7162ecde6b 2010.0/i586/mozilla-thunderbird-bn_BD-3.1.10-0.1mdv2010.0.noarch.rpm
e7ee5f3b2b3e6d0007397d9421cba8cb 2010.0/i586/mozilla-thunderbird-ca-3.1.10-0.1mdv2010.0.noarch.rpm
de670f673a154bafac800c554ae0c614 2010.0/i586/mozilla-thunderbird-cs-3.1.10-0.1mdv2010.0.noarch.rpm
578ecc075d99785c11513b25c0af5927 2010.0/i586/mozilla-thunderbird-da-3.1.10-0.1mdv2010.0.noarch.rpm
64a42b2c2d204f6f9933abead130449d 2010.0/i586/mozilla-thunderbird-de-3.1.10-0.1mdv2010.0.noarch.rpm
bf71957fda303e183eb9a2af980ba2e4 2010.0/i586/mozilla-thunderbird-el-3.1.10-0.1mdv2010.0.noarch.rpm
fb60e1e44b8e0b17d27cc99ae1503a4e 2010.0/i586/mozilla-thunderbird-en_GB-3.1.10-0.1mdv2010.0.noarch.rpm
88fea6c8c91a9d1d81bd45ceda176ec4 2010.0/i586/mozilla-thunderbird-enigmail-3.1.10-0.1mdv2010.0.i586.rpm
d67fd880db68df7daba6d0dfa4ab075f 2010.0/i586/mozilla-thunderbird-enigmail-ar-3.1.10-0.1mdv2010.0.noarch.rpm
fa55b67c8980d922eaadb951ee853c35 2010.0/i586/mozilla-thunderbird-enigmail-ca-3.1.10-0.1mdv2010.0.noarch.rpm
374dbf68c4535ce7cb6e591a1b6c9df6 2010.0/i586/mozilla-thunderbird-enigmail-cs-3.1.10-0.1mdv2010.0.noarch.rpm
94c3031b96a2651d12c191df788f07d9 2010.0/i586/mozilla-thunderbird-enigmail-de-3.1.10-0.1mdv2010.0.noarch.rpm
cd1dffa81e283551b7121e5e939270a1 2010.0/i586/mozilla-thunderbird-enigmail-el-3.1.10-0.1mdv2010.0.noarch.rpm
59441772a3864e47eba1a2fe2ff51ee1 2010.0/i586/mozilla-thunderbird-enigmail-es-3.1.10-0.1mdv2010.0.noarch.rpm
3acf32c1595e874c839000ae385b63ad 2010.0/i586/mozilla-thunderbird-enigmail-fi-3.1.10-0.1mdv2010.0.noarch.rpm
b1a2d0d23fa3b1c0711a6f41bf91dd56 2010.0/i586/mozilla-thunderbird-enigmail-fr-3.1.10-0.1mdv2010.0.noarch.rpm
0628338f4eacc341d917c1c9e9697eb9 2010.0/i586/mozilla-thunderbird-enigmail-hu-3.1.10-0.1mdv2010.0.noarch.rpm
61fee210c4babbc36a5c35e7248e70d1 2010.0/i586/mozilla-thunderbird-enigmail-it-3.1.10-0.1mdv2010.0.noarch.rpm
9ed7d32d197913c776434a80b5d0a77c 2010.0/i586/mozilla-thunderbird-enigmail-ja-3.1.10-0.1mdv2010.0.noarch.rpm
337aca8e5bf30eec45a1fbb865373e3a 2010.0/i586/mozilla-thunderbird-enigmail-ko-3.1.10-0.1mdv2010.0.noarch.rpm
aa746353e0dffac32bf8e6d803a24e6e 2010.0/i586/mozilla-thunderbird-enigmail-nb-3.1.10-0.1mdv2010.0.noarch.rpm
9270fe19a5819919a869048c55994544 2010.0/i586/mozilla-thunderbird-enigmail-nl-3.1.10-0.1mdv2010.0.noarch.rpm
d9ad6780c44669de0f9eaa65b3c155cd 2010.0/i586/mozilla-thunderbird-enigmail-pl-3.1.10-0.1mdv2010.0.noarch.rpm
389d592ddbb79da98c135b0043006489 2010.0/i586/mozilla-thunderbird-enigmail-pt-3.1.10-0.1mdv2010.0.noarch.rpm
9e1474fdb3bc753fa9f73b8ca889651f 2010.0/i586/mozilla-thunderbird-enigmail-pt_BR-3.1.10-0.1mdv2010.0.noarch.rpm
eb01068475c73d476f14989983271142 2010.0/i586/mozilla-thunderbird-enigmail-ru-3.1.10-0.1mdv2010.0.noarch.rpm
23e88fefa90b5bd4cb15c337ecfa1f12 2010.0/i586/mozilla-thunderbird-enigmail-sl-3.1.10-0.1mdv2010.0.noarch.rpm
7799338e0edd16bd5638b20722a15d39 2010.0/i586/mozilla-thunderbird-enigmail-sv-3.1.10-0.1mdv2010.0.noarch.rpm
5127ba45eb6c977d06920febf5087863 2010.0/i586/mozilla-thunderbird-enigmail-tr-3.1.10-0.1mdv2010.0.noarch.rpm
ed999a7214947d81fdae457fcbf91775 2010.0/i586/mozilla-thunderbird-enigmail-vi-3.1.10-0.1mdv2010.0.noarch.rpm
13a2087d5a3d0b6b5ac0640b51632ed3 2010.0/i586/mozilla-thunderbird-enigmail-zh_CN-3.1.10-0.1mdv2010.0.noarch.rpm
5a627716d016bda56b5585e386707a9b 2010.0/i586/mozilla-thunderbird-enigmail-zh_TW-3.1.10-0.1mdv2010.0.noarch.rpm
48a18eac5b017657f4559afb3706395d 2010.0/i586/mozilla-thunderbird-es_AR-3.1.10-0.1mdv2010.0.noarch.rpm
025d169144f94eade30a7580e08e2e07 2010.0/i586/mozilla-thunderbird-es_ES-3.1.10-0.1mdv2010.0.noarch.rpm
1e5461c61722de10a1c4dab8031b2267 2010.0/i586/mozilla-thunderbird-et-3.1.10-0.1mdv2010.0.noarch.rpm
200cc111fde19820aa1475960abf9748 2010.0/i586/mozilla-thunderbird-et_EE-3.1.10-0.1mdv2010.0.noarch.rpm
5b2faed0179598c5591d25b37d4ee3f8 2010.0/i586/mozilla-thunderbird-eu-3.1.10-0.1mdv2010.0.noarch.rpm
2d20ecb7f1a80b8ec5567450f6feae21 2010.0/i586/mozilla-thunderbird-fi-3.1.10-0.1mdv2010.0.noarch.rpm
fc29c1fc2d010f87abefd277fe540fd7 2010.0/i586/mozilla-thunderbird-fr-3.1.10-0.1mdv2010.0.noarch.rpm
f1b783bee2787c52c5f48f5e7006dcea 2010.0/i586/mozilla-thunderbird-fy-3.1.10-0.1mdv2010.0.noarch.rpm
f35e73021ba61c5666582fb9c5b61bdd 2010.0/i586/mozilla-thunderbird-ga-3.1.10-0.1mdv2010.0.noarch.rpm
65dde86142964fe441551af56e923c63 2010.0/i586/mozilla-thunderbird-gd-3.1.10-0.1mdv2010.0.noarch.rpm
b79140efa3d6f8571bbc5d447ad612b8 2010.0/i586/mozilla-thunderbird-gl-3.1.10-0.1mdv2010.0.noarch.rpm
cb710314455b7aedc11ddef212459160 2010.0/i586/mozilla-thunderbird-he-3.1.10-0.1mdv2010.0.noarch.rpm
b8544f884cd0fdd321b8f5ff6251c262 2010.0/i586/mozilla-thunderbird-hu-3.1.10-0.1mdv2010.0.noarch.rpm
52708aada4be13707d7136d26dc1de22 2010.0/i586/mozilla-thunderbird-id-3.1.10-0.1mdv2010.0.noarch.rpm
94a139a5bdd39e4e83cdae8fe1df451d 2010.0/i586/mozilla-thunderbird-is-3.1.10-0.1mdv2010.0.noarch.rpm
7b539968fd2b17bbc1254e1adddec123 2010.0/i586/mozilla-thunderbird-it-3.1.10-0.1mdv2010.0.noarch.rpm
5945bc484b2f33f4ce23ec9529a4bc03 2010.0/i586/mozilla-thunderbird-ja-3.1.10-0.1mdv2010.0.noarch.rpm
4f386eec51122fb47ab9daca5a34087f 2010.0/i586/mozilla-thunderbird-ka-3.1.10-0.1mdv2010.0.noarch.rpm
99d4e178fae9484f85fcf33c993d4179 2010.0/i586/mozilla-thunderbird-ko-3.1.10-0.1mdv2010.0.noarch.rpm
e034dcd41ce411009318d60ed39f66e8 2010.0/i586/mozilla-thunderbird-lightning-3.1.10-0.1mdv2010.0.i586.rpm
b9d35f7089d607cb4eb1fe7d1cb50cac 2010.0/i586/mozilla-thunderbird-lt-3.1.10-0.1mdv2010.0.noarch.rpm
27f32df6c8e3a90b149bc00fb2bf6f02 2010.0/i586/mozilla-thunderbird-nb_NO-3.1.10-0.1mdv2010.0.noarch.rpm
c070662a93ebffbff46da1b6c2ba54ad 2010.0/i586/mozilla-thunderbird-nl-3.1.10-0.1mdv2010.0.noarch.rpm
400d35241dad730c5214d6d657cfad35 2010.0/i586/mozilla-thunderbird-nn_NO-3.1.10-0.1mdv2010.0.noarch.rpm
2cfa17e83e8c51718f40aea54e6f3457 2010.0/i586/mozilla-thunderbird-pa_IN-3.1.10-0.1mdv2010.0.noarch.rpm
5ab9225310dd8b2f7187779b9cd221db 2010.0/i586/mozilla-thunderbird-pl-3.1.10-0.1mdv2010.0.noarch.rpm
e942e71714b9a2db1a35ade84c209cca 2010.0/i586/mozilla-thunderbird-pt_BR-3.1.10-0.1mdv2010.0.noarch.rpm
5185aa2c1c479f8dcd27d0e6afc5138f 2010.0/i586/mozilla-thunderbird-pt_PT-3.1.10-0.1mdv2010.0.noarch.rpm
9dd4efa416469d8809ce756a0abd1526 2010.0/i586/mozilla-thunderbird-ro-3.1.10-0.1mdv2010.0.noarch.rpm
4b8da7e4bd564335788a52fec97a4386 2010.0/i586/mozilla-thunderbird-ru-3.1.10-0.1mdv2010.0.noarch.rpm
f28312f1af9c0da79051dc29a228f471 2010.0/i586/mozilla-thunderbird-si-3.1.10-0.1mdv2010.0.noarch.rpm
9a8fe0ad801f94e63980212390f9eec9 2010.0/i586/mozilla-thunderbird-sk-3.1.10-0.1mdv2010.0.noarch.rpm
3454cf32bb0b5b9ec61609fed9adb007 2010.0/i586/mozilla-thunderbird-sl-3.1.10-0.1mdv2010.0.noarch.rpm
adbb5cb1c1029a57c3a9373c82339432 2010.0/i586/mozilla-thunderbird-sq-3.1.10-0.1mdv2010.0.noarch.rpm
7700ec5ac4c835dd31e1815525ecfa17 2010.0/i586/mozilla-thunderbird-sr-3.1.10-0.1mdv2010.0.noarch.rpm
22370e3a1f8ec1a635a36f15e8fd2553 2010.0/i586/mozilla-thunderbird-sv_SE-3.1.10-0.1mdv2010.0.noarch.rpm
89a9c748bd4144b8fee7f65dee39217e 2010.0/i586/mozilla-thunderbird-tr-3.1.10-0.1mdv2010.0.noarch.rpm
cfe09c1be237f82a7865de14a1c34dfb 2010.0/i586/mozilla-thunderbird-uk-3.1.10-0.1mdv2010.0.noarch.rpm
51bd4ed6b88c4be5f8d0425d667ca3c2 2010.0/i586/mozilla-thunderbird-vi-3.1.10-0.1mdv2010.0.noarch.rpm
a61049983b0a33c67f9b23d5297ed7e5 2010.0/i586/mozilla-thunderbird-zh_CN-3.1.10-0.1mdv2010.0.noarch.rpm
202c8cee142cdbc27459dae27e305d7c 2010.0/i586/mozilla-thunderbird-zh_TW-3.1.10-0.1mdv2010.0.noarch.rpm
3d0ea401b92deb03afb55d40eb28df38 2010.0/i586/nsinstall-3.1.10-0.1mdv2010.0.i586.rpm
7f13cab01912e9e3fb0249f8863df022 2010.0/SRPMS/beagle-0.3.9-20.25mdv2010.0.src.rpm
0240001deaabd883baeee2b00f032e43 2010.0/SRPMS/mozilla-thunderbird-3.1.10-0.1mdv2010.0.src.rpm
bed50214b25547f49b1effc78c968839 2010.0/SRPMS/mozilla-thunderbird-l10n-3.1.10-0.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
b91c098d0c7209c294a11e05977e450c 2010.0/x86_64/beagle-0.3.9-20.25mdv2010.0.x86_64.rpm
90e7679297a1ce5865fcce1bc5fc1f2b 2010.0/x86_64/beagle-crawl-system-0.3.9-20.25mdv2010.0.x86_64.rpm
d33b1315bccbbb0d2534c73512daeb01 2010.0/x86_64/beagle-doc-0.3.9-20.25mdv2010.0.x86_64.rpm
f19ecc16ee24f8dbc6fa3fcd8efc2c65 2010.0/x86_64/beagle-evolution-0.3.9-20.25mdv2010.0.x86_64.rpm
4443d1cb1a244aa26ff0d14dadf753df 2010.0/x86_64/beagle-gui-0.3.9-20.25mdv2010.0.x86_64.rpm
ee6a0ac3c436680f58e9a29948ade5c6 2010.0/x86_64/beagle-gui-qt-0.3.9-20.25mdv2010.0.x86_64.rpm
52028e7cf8a32f6abea8217fe32f929d 2010.0/x86_64/beagle-libs-0.3.9-20.25mdv2010.0.x86_64.rpm
612cf48a3c7d94af6a79c549bb182ccb 2010.0/x86_64/firefox-ext-beagle-0.3.9-20.25mdv2010.0.x86_64.rpm
4395e72ce80acb82e0a1b697eb5abe3a 2010.0/x86_64/mozilla-thunderbird-3.1.10-0.1mdv2010.0.x86_64.rpm
031f5e2be8abec99a89cb51f15248c8f 2010.0/x86_64/mozilla-thunderbird-af-3.1.10-0.1mdv2010.0.noarch.rpm
1d4ff0bc028e9e16972026ea32ec4e5b 2010.0/x86_64/mozilla-thunderbird-ar-3.1.10-0.1mdv2010.0.noarch.rpm
32ace830ee5650c678dbf2fd23095c63 2010.0/x86_64/mozilla-thunderbird-be-3.1.10-0.1mdv2010.0.noarch.rpm
defd700ae432ec58fce29616ee7933bb 2010.0/x86_64/mozilla-thunderbird-beagle-0.3.9-20.25mdv2010.0.x86_64.rpm
ff2da831c827304660231274c262176b 2010.0/x86_64/mozilla-thunderbird-bg-3.1.10-0.1mdv2010.0.noarch.rpm
9d70d3c3a2de5abe97f29cbe0bc11282 2010.0/x86_64/mozilla-thunderbird-bn_BD-3.1.10-0.1mdv2010.0.noarch.rpm
c37eccc476dcce88ef75c6c705d10ab0 2010.0/x86_64/mozilla-thunderbird-ca-3.1.10-0.1mdv2010.0.noarch.rpm
48cc15a3519fe37a99b18c10087cc8ce 2010.0/x86_64/mozilla-thunderbird-cs-3.1.10-0.1mdv2010.0.noarch.rpm
20f1172cf977bf000a0a52e75fc8a89f 2010.0/x86_64/mozilla-thunderbird-da-3.1.10-0.1mdv2010.0.noarch.rpm
d7282d28dfba495ec62816d8c057eed6 2010.0/x86_64/mozilla-thunderbird-de-3.1.10-0.1mdv2010.0.noarch.rpm
0a0284defdcee0bc9c04af6b515466be 2010.0/x86_64/mozilla-thunderbird-el-3.1.10-0.1mdv2010.0.noarch.rpm
8bbdd46966229a0c7d19955487edefb3 2010.0/x86_64/mozilla-thunderbird-en_GB-3.1.10-0.1mdv2010.0.noarch.rpm
8ae6fa8790e67268b84f69147237cedc 2010.0/x86_64/mozilla-thunderbird-enigmail-3.1.10-0.1mdv2010.0.x86_64.rpm
aa6eb13092d4ff3daf80dce48b0dce37 2010.0/x86_64/mozilla-thunderbird-enigmail-ar-3.1.10-0.1mdv2010.0.noarch.rpm
c625bfb393d0678d8ecc09fad411f086 2010.0/x86_64/mozilla-thunderbird-enigmail-ca-3.1.10-0.1mdv2010.0.noarch.rpm
809d6399b9361c0410cc96290ed2d0db 2010.0/x86_64/mozilla-thunderbird-enigmail-cs-3.1.10-0.1mdv2010.0.noarch.rpm
f44878842e3101cfc70f24b09f135f3b 2010.0/x86_64/mozilla-thunderbird-enigmail-de-3.1.10-0.1mdv2010.0.noarch.rpm
9281a872aea144a6b083c8a7dc2e9f97 2010.0/x86_64/mozilla-thunderbird-enigmail-el-3.1.10-0.1mdv2010.0.noarch.rpm
cc58ab0fad1c669f9731647947b135ca 2010.0/x86_64/mozilla-thunderbird-enigmail-es-3.1.10-0.1mdv2010.0.noarch.rpm
4d2c69b109308ee9494496a9f506afbc 2010.0/x86_64/mozilla-thunderbird-enigmail-fi-3.1.10-0.1mdv2010.0.noarch.rpm
c907894ea2d7ebc5a414ac4cc4e09bb2 2010.0/x86_64/mozilla-thunderbird-enigmail-fr-3.1.10-0.1mdv2010.0.noarch.rpm
38e2c7fc8dbb79caf4783847e783910a 2010.0/x86_64/mozilla-thunderbird-enigmail-hu-3.1.10-0.1mdv2010.0.noarch.rpm
1280feedd5b79ab3add7419997d6f038 2010.0/x86_64/mozilla-thunderbird-enigmail-it-3.1.10-0.1mdv2010.0.noarch.rpm
0e2da751321996f17a9db2b90d9d7082 2010.0/x86_64/mozilla-thunderbird-enigmail-ja-3.1.10-0.1mdv2010.0.noarch.rpm
41a6b959f74ca85bc5aaf88962b66ca6 2010.0/x86_64/mozilla-thunderbird-enigmail-ko-3.1.10-0.1mdv2010.0.noarch.rpm
5630b9ec15fd7164d89145091bdea698 2010.0/x86_64/mozilla-thunderbird-enigmail-nb-3.1.10-0.1mdv2010.0.noarch.rpm
6fa176d480d0b810c62a91cb80d60543 2010.0/x86_64/mozilla-thunderbird-enigmail-nl-3.1.10-0.1mdv2010.0.noarch.rpm
cebc6e46ef4d6e8ab43d2340bf414666 2010.0/x86_64/mozilla-thunderbird-enigmail-pl-3.1.10-0.1mdv2010.0.noarch.rpm
6b76fb9b41ed5ef0038834d9599a0d0a 2010.0/x86_64/mozilla-thunderbird-enigmail-pt-3.1.10-0.1mdv2010.0.noarch.rpm
e12e7dca71b3587e6d0c2a35fd8a7f7d 2010.0/x86_64/mozilla-thunderbird-enigmail-pt_BR-3.1.10-0.1mdv2010.0.noarch.rpm
d82f221592fa1fc067898b693bbc48e8 2010.0/x86_64/mozilla-thunderbird-enigmail-ru-3.1.10-0.1mdv2010.0.noarch.rpm
3e016a9745bdbccdc0513451e972eecf 2010.0/x86_64/mozilla-thunderbird-enigmail-sl-3.1.10-0.1mdv2010.0.noarch.rpm
1883897d3741038c62c5dc436829ac15 2010.0/x86_64/mozilla-thunderbird-enigmail-sv-3.1.10-0.1mdv2010.0.noarch.rpm
d7759a033ba12de982b3650896bced6a 2010.0/x86_64/mozilla-thunderbird-enigmail-tr-3.1.10-0.1mdv2010.0.noarch.rpm
4a22054f053e49a05194853e20de2fb7 2010.0/x86_64/mozilla-thunderbird-enigmail-vi-3.1.10-0.1mdv2010.0.noarch.rpm
5fab4cbe3277398671531048bd0e1689 2010.0/x86_64/mozilla-thunderbird-enigmail-zh_CN-3.1.10-0.1mdv2010.0.noarch.rpm
3df86637810df92d4e4b36dddef65d51 2010.0/x86_64/mozilla-thunderbird-enigmail-zh_TW-3.1.10-0.1mdv2010.0.noarch.rpm
e663e3707def330a3f5c329e408d1c02 2010.0/x86_64/mozilla-thunderbird-es_AR-3.1.10-0.1mdv2010.0.noarch.rpm
b6e8f651b09ce6eada53cf0ad81899c0 2010.0/x86_64/mozilla-thunderbird-es_ES-3.1.10-0.1mdv2010.0.noarch.rpm
91b970098b1862a85ebe0f07a91c134d 2010.0/x86_64/mozilla-thunderbird-et-3.1.10-0.1mdv2010.0.noarch.rpm
1fba2b04ddd2cdc9d7c3e58eb77d4bc5 2010.0/x86_64/mozilla-thunderbird-et_EE-3.1.10-0.1mdv2010.0.noarch.rpm
6df776e10fda0f9f6ac01241a5e2ee96 2010.0/x86_64/mozilla-thunderbird-eu-3.1.10-0.1mdv2010.0.noarch.rpm
aea3eb6d4773cd1b8c271ae361b0c1e7 2010.0/x86_64/mozilla-thunderbird-fi-3.1.10-0.1mdv2010.0.noarch.rpm
635924ac6bf0512b5aba168a2bd43994 2010.0/x86_64/mozilla-thunderbird-fr-3.1.10-0.1mdv2010.0.noarch.rpm
fc7649c4026fbe741369fd527966b235 2010.0/x86_64/mozilla-thunderbird-fy-3.1.10-0.1mdv2010.0.noarch.rpm
e3c19579571f3e1dddff89c754e40094 2010.0/x86_64/mozilla-thunderbird-ga-3.1.10-0.1mdv2010.0.noarch.rpm
d4eda3e76501e9f9718d8117952aeffc 2010.0/x86_64/mozilla-thunderbird-gd-3.1.10-0.1mdv2010.0.noarch.rpm
3c0809dd233aeebb0e7b8732aaa0e55c 2010.0/x86_64/mozilla-thunderbird-gl-3.1.10-0.1mdv2010.0.noarch.rpm
d4935829f89617c60ed28f0c411826e7 2010.0/x86_64/mozilla-thunderbird-he-3.1.10-0.1mdv2010.0.noarch.rpm
fab6eeafa4fbdb2bdc3188da6fb9da1b 2010.0/x86_64/mozilla-thunderbird-hu-3.1.10-0.1mdv2010.0.noarch.rpm
7504f431e6f97b1d046203cdb39af817 2010.0/x86_64/mozilla-thunderbird-id-3.1.10-0.1mdv2010.0.noarch.rpm
7eaefb6bbf78e55ffb75eb46c4e753a5 2010.0/x86_64/mozilla-thunderbird-is-3.1.10-0.1mdv2010.0.noarch.rpm
32dc246c6f1c5ffce79324fcd7562305 2010.0/x86_64/mozilla-thunderbird-it-3.1.10-0.1mdv2010.0.noarch.rpm
ee0d41c3b45f63c863d31d9674c20f9c 2010.0/x86_64/mozilla-thunderbird-ja-3.1.10-0.1mdv2010.0.noarch.rpm
5c0f3ff4b99bf997625d167a1bc86d2d 2010.0/x86_64/mozilla-thunderbird-ka-3.1.10-0.1mdv2010.0.noarch.rpm
36e1b7eef23da9384878547a5b49b59b 2010.0/x86_64/mozilla-thunderbird-ko-3.1.10-0.1mdv2010.0.noarch.rpm
f9273e9cc9abaf91bac8ac4eb4244e1f 2010.0/x86_64/mozilla-thunderbird-lightning-3.1.10-0.1mdv2010.0.x86_64.rpm
eb481c45afa943c3d055328adf27161c 2010.0/x86_64/mozilla-thunderbird-lt-3.1.10-0.1mdv2010.0.noarch.rpm
a9c2c8b3cad7484e33e481befd9d475c 2010.0/x86_64/mozilla-thunderbird-nb_NO-3.1.10-0.1mdv2010.0.noarch.rpm
22686ec0ab1bf23878135beb3dfd38bb 2010.0/x86_64/mozilla-thunderbird-nl-3.1.10-0.1mdv2010.0.noarch.rpm
2e74fb1b03eb89743979670fe1d79952 2010.0/x86_64/mozilla-thunderbird-nn_NO-3.1.10-0.1mdv2010.0.noarch.rpm
7da5d4c0f2b800cff90c4dda083be6c2 2010.0/x86_64/mozilla-thunderbird-pa_IN-3.1.10-0.1mdv2010.0.noarch.rpm
6a0f47c2828210af18a914b926dba324 2010.0/x86_64/mozilla-thunderbird-pl-3.1.10-0.1mdv2010.0.noarch.rpm
c10fcf6d0970fe7228a5ed4aecf93ccf 2010.0/x86_64/mozilla-thunderbird-pt_BR-3.1.10-0.1mdv2010.0.noarch.rpm
8d67d9964892845eb6839b4a6f2e9cc0 2010.0/x86_64/mozilla-thunderbird-pt_PT-3.1.10-0.1mdv2010.0.noarch.rpm
5b608cff206f70717eeeae744a936a4d 2010.0/x86_64/mozilla-thunderbird-ro-3.1.10-0.1mdv2010.0.noarch.rpm
286a1fd17ab94828522dbb06dd5e7394 2010.0/x86_64/mozilla-thunderbird-ru-3.1.10-0.1mdv2010.0.noarch.rpm
a30e2291dea4aa44b3f392c7483c58f7 2010.0/x86_64/mozilla-thunderbird-si-3.1.10-0.1mdv2010.0.noarch.rpm
6041e402c444a58e238cac69a9dce84c 2010.0/x86_64/mozilla-thunderbird-sk-3.1.10-0.1mdv2010.0.noarch.rpm
d073faa25288dbb44acf7a258c987805 2010.0/x86_64/mozilla-thunderbird-sl-3.1.10-0.1mdv2010.0.noarch.rpm
00494e95df00affae204c387055bea09 2010.0/x86_64/mozilla-thunderbird-sq-3.1.10-0.1mdv2010.0.noarch.rpm
748b8a8ed9b3c02f37f4965dee9bfd03 2010.0/x86_64/mozilla-thunderbird-sr-3.1.10-0.1mdv2010.0.noarch.rpm
06a04ad9ef481a9dd0914c0cb2c0f80d 2010.0/x86_64/mozilla-thunderbird-sv_SE-3.1.10-0.1mdv2010.0.noarch.rpm
08fb12ffdcb78cc63c9c51dcabe4a2c6 2010.0/x86_64/mozilla-thunderbird-tr-3.1.10-0.1mdv2010.0.noarch.rpm
adf10fa52692ec04fe7d708a3aaf9332 2010.0/x86_64/mozilla-thunderbird-uk-3.1.10-0.1mdv2010.0.noarch.rpm
a62f5b702f2f7e7aa300e3a9d36d78be 2010.0/x86_64/mozilla-thunderbird-vi-3.1.10-0.1mdv2010.0.noarch.rpm
91c903f555ab65021bdb57e3a3920f9f 2010.0/x86_64/mozilla-thunderbird-zh_CN-3.1.10-0.1mdv2010.0.noarch.rpm
9219eab0293b296e9045849cb895441a 2010.0/x86_64/mozilla-thunderbird-zh_TW-3.1.10-0.1mdv2010.0.noarch.rpm
1e35122fb660c70f64b76207226346a5 2010.0/x86_64/nsinstall-3.1.10-0.1mdv2010.0.x86_64.rpm
7f13cab01912e9e3fb0249f8863df022 2010.0/SRPMS/beagle-0.3.9-20.25mdv2010.0.src.rpm
0240001deaabd883baeee2b00f032e43 2010.0/SRPMS/mozilla-thunderbird-3.1.10-0.1mdv2010.0.src.rpm
bed50214b25547f49b1effc78c968839 2010.0/SRPMS/mozilla-thunderbird-l10n-3.1.10-0.1mdv2010.0.src.rpm
Mandriva Linux 2010.1:
e982c0bb97558b56ffe681c0292e6727 2010.1/i586/beagle-0.3.9-40.15mdv2010.2.i586.rpm
ea4c1529878b5315b98a9cdcccf2d634 2010.1/i586/beagle-crawl-system-0.3.9-40.15mdv2010.2.i586.rpm
5295d872fe470ab420ccf741b2da7f6e 2010.1/i586/beagle-doc-0.3.9-40.15mdv2010.2.i586.rpm
498c79d1b58cc037fdc3b2b4db08ceed 2010.1/i586/beagle-evolution-0.3.9-40.15mdv2010.2.i586.rpm
7af8f4b38e26728210c5814e76155bc9 2010.1/i586/beagle-gui-0.3.9-40.15mdv2010.2.i586.rpm
2426e8f8769a522e1d90151a018f06bd 2010.1/i586/beagle-gui-qt-0.3.9-40.15mdv2010.2.i586.rpm
b1beb102537027cabb8d3bfdc009afb3 2010.1/i586/beagle-libs-0.3.9-40.15mdv2010.2.i586.rpm
d8588494e9efbadd317213f7f67ef26f 2010.1/i586/firefox-ext-beagle-0.3.9-40.15mdv2010.2.i586.rpm
a64f58f462fd1c71685e19cee58343c8 2010.1/i586/mozilla-thunderbird-3.1.10-0.1mdv2010.2.i586.rpm
0e33a61f4b0b88d0972e632b436957c1 2010.1/i586/mozilla-thunderbird-af-3.1.10-0.1mdv2010.2.noarch.rpm
a9e0a4dff4ed16edab498caaf06d0c99 2010.1/i586/mozilla-thunderbird-ar-3.1.10-0.1mdv2010.2.noarch.rpm
e46ad3d66339025f03482df0cd129c7a 2010.1/i586/mozilla-thunderbird-be-3.1.10-0.1mdv2010.2.noarch.rpm
435e2d1369aed549b290018a21728e1b 2010.1/i586/mozilla-thunderbird-beagle-0.3.9-40.15mdv2010.2.i586.rpm
6737c036a7b204999eaed97d7dad03f8 2010.1/i586/mozilla-thunderbird-bg-3.1.10-0.1mdv2010.2.noarch.rpm
bc19beb69c5ffcd16e19d9b03d571111 2010.1/i586/mozilla-thunderbird-bn_BD-3.1.10-0.1mdv2010.2.noarch.rpm
6d210c8a58c0283e23a7f1813d6a6ac1 2010.1/i586/mozilla-thunderbird-ca-3.1.10-0.1mdv2010.2.noarch.rpm
4a08702c0e891a007cffcb1995138db4 2010.1/i586/mozilla-thunderbird-cs-3.1.10-0.1mdv2010.2.noarch.rpm
1d26329210a531d8cd157f234c4d9b60 2010.1/i586/mozilla-thunderbird-da-3.1.10-0.1mdv2010.2.noarch.rpm
c5ffac758098ae3a78ac88b1ed0bc2d2 2010.1/i586/mozilla-thunderbird-de-3.1.10-0.1mdv2010.2.noarch.rpm
6022c1cc44c6077a85812d656b6ed969 2010.1/i586/mozilla-thunderbird-el-3.1.10-0.1mdv2010.2.noarch.rpm
0112e24ff9151e07d5d10b642870c353 2010.1/i586/mozilla-thunderbird-en_GB-3.1.10-0.1mdv2010.2.noarch.rpm
68691c06c465fcddb1cd457426f2b661 2010.1/i586/mozilla-thunderbird-enigmail-3.1.10-0.1mdv2010.2.i586.rpm
e6f5bc9a9f22aa3a3a6ae09ef7c38870 2010.1/i586/mozilla-thunderbird-enigmail-ar-3.1.10-0.1mdv2010.2.noarch.rpm
56faec9c6fad5daf18f08e094d65e07d 2010.1/i586/mozilla-thunderbird-enigmail-ca-3.1.10-0.1mdv2010.2.noarch.rpm
f83eef2961ba211d516bcee2a9cc3af0 2010.1/i586/mozilla-thunderbird-enigmail-cs-3.1.10-0.1mdv2010.2.noarch.rpm
00d4e4b257a55023fcb4e935124f2475 2010.1/i586/mozilla-thunderbird-enigmail-de-3.1.10-0.1mdv2010.2.noarch.rpm
18d7380810125966877e1122374547af 2010.1/i586/mozilla-thunderbird-enigmail-el-3.1.10-0.1mdv2010.2.noarch.rpm
76d1c84cdd80462bfd7498b34a5d093d 2010.1/i586/mozilla-thunderbird-enigmail-es-3.1.10-0.1mdv2010.2.noarch.rpm
aa1f5ff63441b51298e92a22deee60da 2010.1/i586/mozilla-thunderbird-enigmail-fi-3.1.10-0.1mdv2010.2.noarch.rpm
b867c4ecf67eaee165a0881b8510348c 2010.1/i586/mozilla-thunderbird-enigmail-fr-3.1.10-0.1mdv2010.2.noarch.rpm
46a6a75db5dafbc27f237dd4b8d6ce96 2010.1/i586/mozilla-thunderbird-enigmail-hu-3.1.10-0.1mdv2010.2.noarch.rpm
1f2a597f1767b97bebb4a61b26beaec2 2010.1/i586/mozilla-thunderbird-enigmail-it-3.1.10-0.1mdv2010.2.noarch.rpm
177a35b7e10e4bc7c90e04887b67e5f4 2010.1/i586/mozilla-thunderbird-enigmail-ja-3.1.10-0.1mdv2010.2.noarch.rpm
708b9739d377e82f5b6afa6a06d89da4 2010.1/i586/mozilla-thunderbird-enigmail-ko-3.1.10-0.1mdv2010.2.noarch.rpm
bff43b333be1c85ab63bee77dae0e20e 2010.1/i586/mozilla-thunderbird-enigmail-nb-3.1.10-0.1mdv2010.2.noarch.rpm
0dbbfb03f0e243c4a44b6848458c8a1f 2010.1/i586/mozilla-thunderbird-enigmail-nl-3.1.10-0.1mdv2010.2.noarch.rpm
f10641a8856fed4e9712b0d9789a169f 2010.1/i586/mozilla-thunderbird-enigmail-pl-3.1.10-0.1mdv2010.2.noarch.rpm
f9ff312d2dba20a9f0bbe1b164478f28 2010.1/i586/mozilla-thunderbird-enigmail-pt-3.1.10-0.1mdv2010.2.noarch.rpm
2905ed53218cfe951b9bc6f795ba4753 2010.1/i586/mozilla-thunderbird-enigmail-pt_BR-3.1.10-0.1mdv2010.2.noarch.rpm
3d71b18fab69c6fc40ddc07f86a8f310 2010.1/i586/mozilla-thunderbird-enigmail-ru-3.1.10-0.1mdv2010.2.noarch.rpm
258978830354521734eb3f82d3c0141e 2010.1/i586/mozilla-thunderbird-enigmail-sl-3.1.10-0.1mdv2010.2.noarch.rpm
088ded19f18240c2b6b5bdaa70a5682b 2010.1/i586/mozilla-thunderbird-enigmail-sv-3.1.10-0.1mdv2010.2.noarch.rpm
ab896991a0a2044e43617ebffa987d66 2010.1/i586/mozilla-thunderbird-enigmail-tr-3.1.10-0.1mdv2010.2.noarch.rpm
3f8ea3da076bd45ab47380c212f64bc1 2010.1/i586/mozilla-thunderbird-enigmail-vi-3.1.10-0.1mdv2010.2.noarch.rpm
a949d589cab5d42888a6bcb5644c1203 2010.1/i586/mozilla-thunderbird-enigmail-zh_CN-3.1.10-0.1mdv2010.2.noarch.rpm
31d96faf0bcba2511a7c575f23c775df 2010.1/i586/mozilla-thunderbird-enigmail-zh_TW-3.1.10-0.1mdv2010.2.noarch.rpm
39b2da749ab60afe523111f86035fa17 2010.1/i586/mozilla-thunderbird-es_AR-3.1.10-0.1mdv2010.2.noarch.rpm
8b444904a0445390422657b6b656d2f1 2010.1/i586/mozilla-thunderbird-es_ES-3.1.10-0.1mdv2010.2.noarch.rpm
7027fc8a9d7dc32cf8770b9c58a9426c 2010.1/i586/mozilla-thunderbird-et-3.1.10-0.1mdv2010.2.noarch.rpm
5a225e6757d8cc72f048a4808346357d 2010.1/i586/mozilla-thunderbird-et_EE-3.1.10-0.1mdv2010.2.noarch.rpm
0754bdc6f3a8dcc5d18888c2df604f72 2010.1/i586/mozilla-thunderbird-eu-3.1.10-0.1mdv2010.2.noarch.rpm
897bfa6f900f25d735ab6542ff032f6c 2010.1/i586/mozilla-thunderbird-fi-3.1.10-0.1mdv2010.2.noarch.rpm
4d0b8672b14e4deb419a522445bdacd8 2010.1/i586/mozilla-thunderbird-fr-3.1.10-0.1mdv2010.2.noarch.rpm
b88dbdd8e71e749d71cc5b2665166fd2 2010.1/i586/mozilla-thunderbird-fy-3.1.10-0.1mdv2010.2.noarch.rpm
62d4bebb33074b5a90153cb6c0310348 2010.1/i586/mozilla-thunderbird-ga-3.1.10-0.1mdv2010.2.noarch.rpm
c7b13f1bd8e30d0d22b0928a6dd63b17 2010.1/i586/mozilla-thunderbird-gd-3.1.10-0.1mdv2010.2.noarch.rpm
3827ba4fe1fe42ab995868233549350f 2010.1/i586/mozilla-thunderbird-gl-3.1.10-0.1mdv2010.2.noarch.rpm
dac03b4d0a82fabe11bdf8087dda63ab 2010.1/i586/mozilla-thunderbird-he-3.1.10-0.1mdv2010.2.noarch.rpm
748ce8f3d030565eeef7a9d6fabd61d3 2010.1/i586/mozilla-thunderbird-hu-3.1.10-0.1mdv2010.2.noarch.rpm
582b8bea9324e95edad961481812b3fc 2010.1/i586/mozilla-thunderbird-id-3.1.10-0.1mdv2010.2.noarch.rpm
795e8d7ac599efaafb6619fecf784976 2010.1/i586/mozilla-thunderbird-is-3.1.10-0.1mdv2010.2.noarch.rpm
2e1b424d169bc8c2c0593bd2d35b1cdf 2010.1/i586/mozilla-thunderbird-it-3.1.10-0.1mdv2010.2.noarch.rpm
3fc1d4c9d1c785fc9935883cbfd7acbc 2010.1/i586/mozilla-thunderbird-ja-3.1.10-0.1mdv2010.2.noarch.rpm
3a9c954e902effe49618f2438a4ffc68 2010.1/i586/mozilla-thunderbird-ka-3.1.10-0.1mdv2010.2.noarch.rpm
aba5d72f8f23eb93d4241ae7af055503 2010.1/i586/mozilla-thunderbird-ko-3.1.10-0.1mdv2010.2.noarch.rpm
7778678bdaab24b0617e6762e99c6393 2010.1/i586/mozilla-thunderbird-lightning-3.1.10-0.1mdv2010.2.i586.rpm
b9201184a1be06e64b5eb7910ad8f3d3 2010.1/i586/mozilla-thunderbird-lt-3.1.10-0.1mdv2010.2.noarch.rpm
e03cb64d7a618e77fa2db5ac57772b6d 2010.1/i586/mozilla-thunderbird-nb_NO-3.1.10-0.1mdv2010.2.noarch.rpm
d63efe25e5b1317c17a2734225cc08e0 2010.1/i586/mozilla-thunderbird-nl-3.1.10-0.1mdv2010.2.noarch.rpm
f3438aba20af320d32fb5cb00dfd8a89 2010.1/i586/mozilla-thunderbird-nn_NO-3.1.10-0.1mdv2010.2.noarch.rpm
68d8403d6352d53d1e3665d7bb54615b 2010.1/i586/mozilla-thunderbird-pa_IN-3.1.10-0.1mdv2010.2.noarch.rpm
733a410af8e870cd81d6ccfdbc72190f 2010.1/i586/mozilla-thunderbird-pl-3.1.10-0.1mdv2010.2.noarch.rpm
6a15036527b71e2cb6b421a5118b7492 2010.1/i586/mozilla-thunderbird-pt_BR-3.1.10-0.1mdv2010.2.noarch.rpm
3c5e612e3681bfdcb6393b62375f20f6 2010.1/i586/mozilla-thunderbird-pt_PT-3.1.10-0.1mdv2010.2.noarch.rpm
f75cd4641f379bf45d6028fd1db8991d 2010.1/i586/mozilla-thunderbird-ro-3.1.10-0.1mdv2010.2.noarch.rpm
d011fb47b62fea0dfad13aeee936a07a 2010.1/i586/mozilla-thunderbird-ru-3.1.10-0.1mdv2010.2.noarch.rpm
cef84d36ecec40e6bd03abd3b296356b 2010.1/i586/mozilla-thunderbird-si-3.1.10-0.1mdv2010.2.noarch.rpm
102cd179d0bc577e28921a7ef91ea571 2010.1/i586/mozilla-thunderbird-sk-3.1.10-0.1mdv2010.2.noarch.rpm
3ec07fa7090dd328d177d7b2eab09feb 2010.1/i586/mozilla-thunderbird-sl-3.1.10-0.1mdv2010.2.noarch.rpm
1024c8ede5abbe9496762c11d53a67f9 2010.1/i586/mozilla-thunderbird-sq-3.1.10-0.1mdv2010.2.noarch.rpm
96e7313bee988d54d38d0a3c2ef794ad 2010.1/i586/mozilla-thunderbird-sr-3.1.10-0.1mdv2010.2.noarch.rpm
b47f3b4745f84b87213a88a5bc9a4395 2010.1/i586/mozilla-thunderbird-sv_SE-3.1.10-0.1mdv2010.2.noarch.rpm
d94e83dccb870ec58128ef304ff6cec9 2010.1/i586/mozilla-thunderbird-tr-3.1.10-0.1mdv2010.2.noarch.rpm
7fda33ae8006269f75ecf2fdc9cbbc71 2010.1/i586/mozilla-thunderbird-uk-3.1.10-0.1mdv2010.2.noarch.rpm
754dc30612b538d352396f385a4738b4 2010.1/i586/mozilla-thunderbird-vi-3.1.10-0.1mdv2010.2.noarch.rpm
095b34edfd923efcae04c9e22ffe2d05 2010.1/i586/mozilla-thunderbird-zh_CN-3.1.10-0.1mdv2010.2.noarch.rpm
c7c9d9fdd9dc4f2ee3d8e7ce66e92bbb 2010.1/i586/mozilla-thunderbird-zh_TW-3.1.10-0.1mdv2010.2.noarch.rpm
fa1cf03fb985e820ccf1d850826541ba 2010.1/i586/nsinstall-3.1.10-0.1mdv2010.2.i586.rpm
78b7b4dceb865b1da893777a868a72a8 2010.1/SRPMS/beagle-0.3.9-40.15mdv2010.2.src.rpm
4eb580731e25fa7578b64107f3ee29be 2010.1/SRPMS/mozilla-thunderbird-3.1.10-0.1mdv2010.2.src.rpm
67c90cacabf9658be0a2d5c7d98ec105 2010.1/SRPMS/mozilla-thunderbird-l10n-3.1.10-0.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
3293b96499016ca82f6605432a6f191e 2010.1/x86_64/beagle-0.3.9-40.15mdv2010.2.x86_64.rpm
8a50e4ae9e12cf8f5afa039097273181 2010.1/x86_64/beagle-crawl-system-0.3.9-40.15mdv2010.2.x86_64.rpm
316adb2ebe53f4593bba3e944da8acd5 2010.1/x86_64/beagle-doc-0.3.9-40.15mdv2010.2.x86_64.rpm
312e7a95c13ffd97b213c136af386d09 2010.1/x86_64/beagle-evolution-0.3.9-40.15mdv2010.2.x86_64.rpm
29ca25acab92b3db9715a3ad6cfb2254 2010.1/x86_64/beagle-gui-0.3.9-40.15mdv2010.2.x86_64.rpm
00050da1cc5403333dc2d67ae6f142ca 2010.1/x86_64/beagle-gui-qt-0.3.9-40.15mdv2010.2.x86_64.rpm
3e30668c69963fdaae6f3c0bb27d67f7 2010.1/x86_64/beagle-libs-0.3.9-40.15mdv2010.2.x86_64.rpm
81ff13b699a79494c07e24661a32d0c8 2010.1/x86_64/firefox-ext-beagle-0.3.9-40.15mdv2010.2.x86_64.rpm
a70144b808fe6224085e06129b7dc3e4 2010.1/x86_64/mozilla-thunderbird-3.1.10-0.1mdv2010.2.x86_64.rpm
e8eda0493c5f3a5973155243a8d86380 2010.1/x86_64/mozilla-thunderbird-af-3.1.10-0.1mdv2010.2.noarch.rpm
0bfa998287d302fa8915db792d916fef 2010.1/x86_64/mozilla-thunderbird-ar-3.1.10-0.1mdv2010.2.noarch.rpm
a474f1d3086b0c14f9a99e7e2e4ae51b 2010.1/x86_64/mozilla-thunderbird-be-3.1.10-0.1mdv2010.2.noarch.rpm
2f017e6735ffba3552f3c24d39e8093e 2010.1/x86_64/mozilla-thunderbird-beagle-0.3.9-40.15mdv2010.2.x86_64.rpm
62267bca7aeb40e3a2931bccf899651a 2010.1/x86_64/mozilla-thunderbird-bg-3.1.10-0.1mdv2010.2.noarch.rpm
d9022d74ae3e70a3bd014bf90696f4b1 2010.1/x86_64/mozilla-thunderbird-bn_BD-3.1.10-0.1mdv2010.2.noarch.rpm
41f59a16ba688893dc239ca686d58218 2010.1/x86_64/mozilla-thunderbird-ca-3.1.10-0.1mdv2010.2.noarch.rpm
24f32b22e4e01cd15755e3ff4c834de2 2010.1/x86_64/mozilla-thunderbird-cs-3.1.10-0.1mdv2010.2.noarch.rpm
fe1d2f01fe93a6f5ebbbc8c4427f4ee9 2010.1/x86_64/mozilla-thunderbird-da-3.1.10-0.1mdv2010.2.noarch.rpm
f702df39a87c23742d24f04eb4949361 2010.1/x86_64/mozilla-thunderbird-de-3.1.10-0.1mdv2010.2.noarch.rpm
71898a072e3fcdffd873e254bbcc1421 2010.1/x86_64/mozilla-thunderbird-el-3.1.10-0.1mdv2010.2.noarch.rpm
dd5ff6c9ee81ab883351d3d446590b99 2010.1/x86_64/mozilla-thunderbird-en_GB-3.1.10-0.1mdv2010.2.noarch.rpm
9b9965cde52e2b0586168ff24b2cc453 2010.1/x86_64/mozilla-thunderbird-enigmail-3.1.10-0.1mdv2010.2.x86_64.rpm
b1efc0a533c5dbdc701c5539d614a30d 2010.1/x86_64/mozilla-thunderbird-enigmail-ar-3.1.10-0.1mdv2010.2.noarch.rpm
71e716f475cf385a0ed286a5c84bacac 2010.1/x86_64/mozilla-thunderbird-enigmail-ca-3.1.10-0.1mdv2010.2.noarch.rpm
cb11eab81e517ecfef0bd356de90bd48 2010.1/x86_64/mozilla-thunderbird-enigmail-cs-3.1.10-0.1mdv2010.2.noarch.rpm
ab9924ff260cdcebbf94ed51865e40a2 2010.1/x86_64/mozilla-thunderbird-enigmail-de-3.1.10-0.1mdv2010.2.noarch.rpm
4f2bc414a3227f3480de48bc78291d39 2010.1/x86_64/mozilla-thunderbird-enigmail-el-3.1.10-0.1mdv2010.2.noarch.rpm
3173e96d26ef2fe9392136314a697f56 2010.1/x86_64/mozilla-thunderbird-enigmail-es-3.1.10-0.1mdv2010.2.noarch.rpm
ce54de3384e795f6d0b270f112be8512 2010.1/x86_64/mozilla-thunderbird-enigmail-fi-3.1.10-0.1mdv2010.2.noarch.rpm
b440343d7738fc46cf0a71cdfd1c0841 2010.1/x86_64/mozilla-thunderbird-enigmail-fr-3.1.10-0.1mdv2010.2.noarch.rpm
0f32362aeff2c565d1920fd5c19fdcda 2010.1/x86_64/mozilla-thunderbird-enigmail-hu-3.1.10-0.1mdv2010.2.noarch.rpm
6f5a51d842dad2e4599c1be9d43e6e1f 2010.1/x86_64/mozilla-thunderbird-enigmail-it-3.1.10-0.1mdv2010.2.noarch.rpm
70fdce672c5892a657579a951a5e0f92 2010.1/x86_64/mozilla-thunderbird-enigmail-ja-3.1.10-0.1mdv2010.2.noarch.rpm
448358a9f331602787b4dca43a9bb59f 2010.1/x86_64/mozilla-thunderbird-enigmail-ko-3.1.10-0.1mdv2010.2.noarch.rpm
9ee25f60155b5a4123ed09a4a6d6bcea 2010.1/x86_64/mozilla-thunderbird-enigmail-nb-3.1.10-0.1mdv2010.2.noarch.rpm
54794f46a0a3f3f4eca886b4b9939e99 2010.1/x86_64/mozilla-thunderbird-enigmail-nl-3.1.10-0.1mdv2010.2.noarch.rpm
52405e1b272d2b741818044341ba636c 2010.1/x86_64/mozilla-thunderbird-enigmail-pl-3.1.10-0.1mdv2010.2.noarch.rpm
a369f51ad60d4a7949bd7d9c089e19a6 2010.1/x86_64/mozilla-thunderbird-enigmail-pt-3.1.10-0.1mdv2010.2.noarch.rpm
7b2d080b1c8f56d005012230157ac852 2010.1/x86_64/mozilla-thunderbird-enigmail-pt_BR-3.1.10-0.1mdv2010.2.noarch.rpm
69327232a731645058ea134c05e3e561 2010.1/x86_64/mozilla-thunderbird-enigmail-ru-3.1.10-0.1mdv2010.2.noarch.rpm
090255c12b8753f5c43d66878a6777a8 2010.1/x86_64/mozilla-thunderbird-enigmail-sl-3.1.10-0.1mdv2010.2.noarch.rpm
4fc4ec609f106adb11a1a9ffc7d9eaa6 2010.1/x86_64/mozilla-thunderbird-enigmail-sv-3.1.10-0.1mdv2010.2.noarch.rpm
ebd8b45d68bfbb59d0e24ad2c25cb046 2010.1/x86_64/mozilla-thunderbird-enigmail-tr-3.1.10-0.1mdv2010.2.noarch.rpm
67461321d2680e8a8c6086fe93de370d 2010.1/x86_64/mozilla-thunderbird-enigmail-vi-3.1.10-0.1mdv2010.2.noarch.rpm
c736aae1b5a064b0cc7529c6f8cb518e 2010.1/x86_64/mozilla-thunderbird-enigmail-zh_CN-3.1.10-0.1mdv2010.2.noarch.rpm
196d975f4510655a43eee4064c177ea6 2010.1/x86_64/mozilla-thunderbird-enigmail-zh_TW-3.1.10-0.1mdv2010.2.noarch.rpm
91ce13729aaf7d72f446957d9a4a4e9a 2010.1/x86_64/mozilla-thunderbird-es_AR-3.1.10-0.1mdv2010.2.noarch.rpm
352610da6852db471e24c04138658468 2010.1/x86_64/mozilla-thunderbird-es_ES-3.1.10-0.1mdv2010.2.noarch.rpm
51dcae208d27655792641e580170828c 2010.1/x86_64/mozilla-thunderbird-et-3.1.10-0.1mdv2010.2.noarch.rpm
9040bb232c63ab551eac30f74b202557 2010.1/x86_64/mozilla-thunderbird-et_EE-3.1.10-0.1mdv2010.2.noarch.rpm
aa07d747e88a5c84ea2dedb6b8c65833 2010.1/x86_64/mozilla-thunderbird-eu-3.1.10-0.1mdv2010.2.noarch.rpm
f2e75fd7cf3593e7169e9a0e25bee391 2010.1/x86_64/mozilla-thunderbird-fi-3.1.10-0.1mdv2010.2.noarch.rpm
a5dac17742512e83fb08b776c60d2608 2010.1/x86_64/mozilla-thunderbird-fr-3.1.10-0.1mdv2010.2.noarch.rpm
46384109f726723ff233e9eb70247e43 2010.1/x86_64/mozilla-thunderbird-fy-3.1.10-0.1mdv2010.2.noarch.rpm
3194dcafb368937011c855dd17041542 2010.1/x86_64/mozilla-thunderbird-ga-3.1.10-0.1mdv2010.2.noarch.rpm
0106793f02bc3ad146dbbdd1f78c37b8 2010.1/x86_64/mozilla-thunderbird-gd-3.1.10-0.1mdv2010.2.noarch.rpm
4f917e6c44bea01dd00645e2bcc19c65 2010.1/x86_64/mozilla-thunderbird-gl-3.1.10-0.1mdv2010.2.noarch.rpm
3d45585e3aa90e63df466429e68f1cfa 2010.1/x86_64/mozilla-thunderbird-he-3.1.10-0.1mdv2010.2.noarch.rpm
b7c4ba81f8d2d9097fadf29088593b03 2010.1/x86_64/mozilla-thunderbird-hu-3.1.10-0.1mdv2010.2.noarch.rpm
ac0815493e49ee35f95ce1ce41154592 2010.1/x86_64/mozilla-thunderbird-id-3.1.10-0.1mdv2010.2.noarch.rpm
34b95fc1975471592de50a7f8f642164 2010.1/x86_64/mozilla-thunderbird-is-3.1.10-0.1mdv2010.2.noarch.rpm
757c9d05148d9273b0a7492b345e2dba 2010.1/x86_64/mozilla-thunderbird-it-3.1.10-0.1mdv2010.2.noarch.rpm
97b30c908f70b702636c39cff5a9a501 2010.1/x86_64/mozilla-thunderbird-ja-3.1.10-0.1mdv2010.2.noarch.rpm
3cb730c762a30cc4b825d33af404b79d 2010.1/x86_64/mozilla-thunderbird-ka-3.1.10-0.1mdv2010.2.noarch.rpm
e77dbdaaa4aa51793ec100ca40be889a 2010.1/x86_64/mozilla-thunderbird-ko-3.1.10-0.1mdv2010.2.noarch.rpm
57d283ef9630fe46a2916fb21baa6854 2010.1/x86_64/mozilla-thunderbird-lightning-3.1.10-0.1mdv2010.2.x86_64.rpm
2edae2bf4b75a5b6d22bf107d6e5f9a7 2010.1/x86_64/mozilla-thunderbird-lt-3.1.10-0.1mdv2010.2.noarch.rpm
457ba6133e353cfd0d2c6e5096adbe91 2010.1/x86_64/mozilla-thunderbird-nb_NO-3.1.10-0.1mdv2010.2.noarch.rpm
cd19bc1c29b7603edf72e6d70eca9aa8 2010.1/x86_64/mozilla-thunderbird-nl-3.1.10-0.1mdv2010.2.noarch.rpm
d5d4fac4170a1159dcb10b5949438a6a 2010.1/x86_64/mozilla-thunderbird-nn_NO-3.1.10-0.1mdv2010.2.noarch.rpm
43d0e1415290608ea463bddd6b50dc84 2010.1/x86_64/mozilla-thunderbird-pa_IN-3.1.10-0.1mdv2010.2.noarch.rpm
27562dd704d61be56dc62d87b1a89001 2010.1/x86_64/mozilla-thunderbird-pl-3.1.10-0.1mdv2010.2.noarch.rpm
ffcc1b481ef5d56b45ac723fa44c1097 2010.1/x86_64/mozilla-thunderbird-pt_BR-3.1.10-0.1mdv2010.2.noarch.rpm
7b8823834af7a62e5263695e8e065ce1 2010.1/x86_64/mozilla-thunderbird-pt_PT-3.1.10-0.1mdv2010.2.noarch.rpm
5d73546804e5b0342320120204d05645 2010.1/x86_64/mozilla-thunderbird-ro-3.1.10-0.1mdv2010.2.noarch.rpm
e4676580efbb0e49334dfa2d80dcd74f 2010.1/x86_64/mozilla-thunderbird-ru-3.1.10-0.1mdv2010.2.noarch.rpm
4ccf8f989ca88012380024ee0d28168f 2010.1/x86_64/mozilla-thunderbird-si-3.1.10-0.1mdv2010.2.noarch.rpm
5a40735ff58ffd66980c9cc4533e5269 2010.1/x86_64/mozilla-thunderbird-sk-3.1.10-0.1mdv2010.2.noarch.rpm
43242bed7056db7f1e9baf3e948f00ad 2010.1/x86_64/mozilla-thunderbird-sl-3.1.10-0.1mdv2010.2.noarch.rpm
abdf46d67be0b95712f08793acdd58c5 2010.1/x86_64/mozilla-thunderbird-sq-3.1.10-0.1mdv2010.2.noarch.rpm
751b7e917d85842ba25033de7e3d289e 2010.1/x86_64/mozilla-thunderbird-sr-3.1.10-0.1mdv2010.2.noarch.rpm
66ee6f1cbc1239456b3af0bda8778be3 2010.1/x86_64/mozilla-thunderbird-sv_SE-3.1.10-0.1mdv2010.2.noarch.rpm
c9892d3a0744da6388b8e80ef81e0348 2010.1/x86_64/mozilla-thunderbird-tr-3.1.10-0.1mdv2010.2.noarch.rpm
a5c3f7b4b06b26260e22b0fb8ccdf621 2010.1/x86_64/mozilla-thunderbird-uk-3.1.10-0.1mdv2010.2.noarch.rpm
be4303a78e6e3dcb1898220ecabb34d0 2010.1/x86_64/mozilla-thunderbird-vi-3.1.10-0.1mdv2010.2.noarch.rpm
bebcf1b02fa7fc4c1d05ce0a3fcc604a 2010.1/x86_64/mozilla-thunderbird-zh_CN-3.1.10-0.1mdv2010.2.noarch.rpm
42c840daa1cd31cc2928b840ea73e2d8 2010.1/x86_64/mozilla-thunderbird-zh_TW-3.1.10-0.1mdv2010.2.noarch.rpm
ed69a2f6c9e5a9fd13bc8f2fe33fba74 2010.1/x86_64/nsinstall-3.1.10-0.1mdv2010.2.x86_64.rpm
78b7b4dceb865b1da893777a868a72a8 2010.1/SRPMS/beagle-0.3.9-40.15mdv2010.2.src.rpm
4eb580731e25fa7578b64107f3ee29be 2010.1/SRPMS/mozilla-thunderbird-3.1.10-0.1mdv2010.2.src.rpm
67c90cacabf9658be0a2d5c7d98ec105 2010.1/SRPMS/mozilla-thunderbird-l10n-3.1.10-0.1mdv2010.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFNvRmUmqjQ0CJFipgRAvlOAKDsaAKjniiNtk5m7xN3BZ2n1uNOGQCgrEKZ
iNJ9EbVT6IpiafvlrnWWk3k=IReC
-----END PGP SIGNATURE-----
From - Tue May 3 19:59:14 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e000157f4
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46786-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 184C0EC1EB
for <lists@securityspace.com>; Tue, 3 May 2011 13:46:12 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 63A71143CE1; Tue, 3 May 2011 11:37:55 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 22438 invoked from network); 2 May 2011 14:33:38 -0000
Date: Mon, 2 May 2011 08:33:37 -0600
Message-Id: <201105021433.p42EXbtl025820@www5.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.420 (Entity 5.420)
From: bolok.boloke80@gmail.com
To: bugtraq@securityfocus.com
Subject: SQL injection in 4images
Status: RO
Vendor:
http://www.got.my (
http://www.got.my/LINK-EXCHANGE-Script )
Vulnerable Version: 1.8.9
Vulnerability Type: SQL Injection
Risk level: High
Credit: Hector.x90
Vulnerability Details:
The vulnerability exists due to failure in the "/admin/categories.php" script to properly sanitize user-supplied input.
Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
The following PoC is available:
POST /admin/categories.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 263
__csrfSc2e96a96fcba6dc1d9626c846f665b&action=savecat&cat_name=1&cat_de
scription=1&cat_parent_id=0&cat_order=0&auth_viewcat=SQL_CODE_HERE&auth_
viewimage=0&auth_download=2&auth_upload=2&auth_directupload=9&auth_vote0&auth_sendpostcard=0&auth_readcomment=0&auth_postcomment=2
Solution: Upgrade to the most recent version
From - Tue May 3 19:59:14 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e000157f5
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46797-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing3.securityfocus.com (outgoing.securityfocus.com [205.206.231.27])
by mx.securityspace.com (Postfix) with ESMTP id 16C1AEC125
for <lists@securityspace.com>; Tue, 3 May 2011 13:47:58 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing3.securityfocus.com (Postfix) with QMQP
id 1AB4A2372E5; Tue, 3 May 2011 11:42:36 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 28096 invoked from network); 3 May 2011 13:15:14 -0000
From: security-alert@hp.com
To: bugtraq@securityfocus.com
Subject: [security bulletin] HPSBMA02661 SSRT100408 rev.2 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
Message-Id: <20110503131510.2B3DA203AB@security.hp.com>
Date: Tue, 3 May 2011 09:15:10 -0400 (EDT)
Status: RO
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02735590
Version: 2
HPSBMA02661 SSRT100408 rev.2 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2011-04-19
Last Updated: 2011-05-02
Potential Security Impact: Remote cross site scripting (XSS), URL redirection, information disclosure
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
Potential security vulnerabilities have been identified with HP Proliant Support Pack running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), URL redirection, and information disclosure.
References: CVE-2011-1537 (XSS), CVE-2011-1538 (URL redirection), CVE-2011-1539 (information disclosure)
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Proliant Support Pack 8.6 and earlier
BACKGROUND
CVSS 2.0 Base Metrics
========================================================== Reference Base Vector Base Score
CVE-2011-1537 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3
CVE-2011-1538 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3
CVE-2011-1539 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0
========================================================== Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks ProCheckUp Ltd. for reporting CVE-2011-1537 to security-alert@hp.com.
RESOLUTION
HP has provided HP Proliant Support Pack 8.7 to resolve the vulnerabilities.
HP ProLiant Support Pack is available from www.hp.com
Select 'Support & Drivers'
Select 'Drivers & Software'
Enter 'Proliant Support Pack' into the product field
Select Operating System
Download the Proliant Support Pack
HISTORY
Version:1 (rev.1) - 19 April 2011 Initial Release
Version:2 (rev.2) - 2 May 2011 Changed CVSS score for CVE-2011-1538
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.
To get the security-alert PGP key, please send an e-mail message as follows:
To: security-alert@hp.com
Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
-check ALL categories for which alerts are required and continue.
Under Step2: your ITRC operating systems
-verify your operating system selections are checked and save.
To update an existing subscription:
http://h30046.www3.hp.com/subSignIn.php
Log in on the web page: Subscriber's choice for Business: sign-in.
On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit:
http://www.itrc.hp.com/service/cki/secBullArchive.do
* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters
of the Bulletin number in the title:
GN = HP General SW
MA = HP Management Agents
MI = Misc. 3rd Party SW
MP = HP MPE/iX
NS = HP NonStop Servers
OV = HP OpenVMS
PI = HP Printing & Imaging
ST = HP Storage SW
TL = HP Trusted Linux
TU = HP Tru64 UNIX
UX = HP-UX
VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2011 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk2+x6gACgkQ4B86/C0qfVk3AwCguCRh70rvoDmIg2FBvW/kiLoV
4gQAnirQG3C0CNJ2OHyFmYUNU1+Esdee
=xAq3
-----END PGP SIGNATURE-----
From - Tue May 3 19:59:14 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e000157f8
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46784-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id 1B7EEEC1EB
for <lists@securityspace.com>; Tue, 3 May 2011 13:54:45 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 6E90714393C; Tue, 3 May 2011 11:37:03 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 22112 invoked from network); 2 May 2011 14:30:44 -0000
Date: Mon, 2 May 2011 08:30:44 -0600
Message-Id: <201105021430.p42EUiHj025604@www5.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.420 (Entity 5.420)
From: bolok.boloke80@gmail.com
To: bugtraq@securityfocus.com
Subject: XSS in DEAL INFORMER
Status: RO
Product: DEAL INFORMER
Vendor:
http://www.got.my (
http://www.got.my/DEAL-INFORMER/ )
Vulnerable Version: 4.8.0
Vulnerability Type: XSS (Cross Site Scripting)
Risk level: Medium
Credit: Hector.x90
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/themes/default/header.inc.php" script to properly sanitize user-supplied input in "theme_dir" variable then register_globals on.
Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
The following PoC is available:
http://[host]/themes/default/header.inc.php?theme_dir=%22%3E%3Cscript%3E
alert%28document.cookie%29;%3C/script%3E
From - Tue May 3 19:59:15 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e000157f9
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46798-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing3.securityfocus.com (outgoing.securityfocus.com [205.206.231.27])
by mx.securityspace.com (Postfix) with ESMTP id 4ABC4EC0CB
for <lists@securityspace.com>; Tue, 3 May 2011 13:58:18 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing3.securityfocus.com (Postfix) with QMQP
id 0F149237940; Tue, 3 May 2011 11:42:54 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 28606 invoked from network); 3 May 2011 13:34:05 -0000
Date: Tue, 3 May 2011 15:27:08 +0200 (CEST)
Message-Id: <201105031327.p43DR87s091295@htbridge.ch>
MIME-Version: 1.0
From: advisory@htbridge.ch
To: bugtraq@securityfocus.com
Subject: HTB22967: Multiple SQL Injection in Shutter
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="UTF-8"
Status: RO
Vulnerability ID: HTB22967
Reference:
http://www.htbridge.ch/advisory/sql_injection_in_shutter.html
Product: Shutter
Vendor:
http://shutter.tenfourzero.net/ (
http://shutter.tenfourzero.net/ )
Vulnerable Version: 0.1.4
Vendor Notification: 19 April 2011
Vulnerability Type: SQL Injection
Risk level: High
Credit: High-Tech Bridge SA Security Research Lab (
http://www.htbridge.ch/advisory/ )
Vulnerability Details:
The vulnerability exists due to failure in "index.html" script to properly sanitize user-supplied input.
Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
http://[host]/index.html?a=rss.xml&albumID=1%2B99%20union%20select%20%20version%28%29
The vulnerability exists due to failure in "admin.html" script to properly sanitize user-supplied input.
Attacker can use browser to exploit this vulnerability. The following PoC is available:
http://[host]/admin.html?albumID�3%20union%20select%20version%28%29,user%28%29,3
http://[host]/admin.html?commentID�3%20union%20select%201,version%28%29,user%28%29,4
http://[host]/admin.html?albumID=1&photoID�3%20union%20select%20version%28%29,2,3,4,5,6,7,8,9,10,11,12,13
From - Tue May 3 19:59:15 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e000157fa
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46799-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing3.securityfocus.com (outgoing.securityfocus.com [205.206.231.27])
by mx.securityspace.com (Postfix) with ESMTP id D634FEC1AD
for <lists@securityspace.com>; Tue, 3 May 2011 14:09:46 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing3.securityfocus.com (Postfix) with QMQP
id C3728237942; Tue, 3 May 2011 11:43:10 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 28624 invoked from network); 3 May 2011 13:34:10 -0000
Date: Tue, 3 May 2011 15:27:14 +0200 (CEST)
Message-Id: <201105031327.p43DRECG091327@htbridge.ch>
MIME-Version: 1.0
From: advisory@htbridge.ch
To: bugtraq@securityfocus.com
Subject: HTB22966: XSS in (e)2 interactive Photo Gallery
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="UTF-8"
Status: RO
Vulnerability ID: HTB22966
Reference:
http://www.htbridge.ch/advisory/xss_in_e2_interactive_photo_gallery.html
Product: (e)2 interactive Photo Gallery
Vendor:
http://www.e2interactive.com (
http://www.e2interactive.com )
Vulnerable Version: 0.9
Vendor Notification: 19 April 2011
Vulnerability Type: XSS (Cross Site Scripting)
Risk level: Medium
Credit: High-Tech Bridge SA Security Research Lab (
http://www.htbridge.ch/advisory/ )
Vulnerability Details:
User can execute arbitrary JavaScript code within the vulnerable application.
The vulnerability exists due to failure in the "/uploader/index.php" script to properly sanitize user-supplied input.
Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
The following PoC is available:
http://[host]/uploader/index.php/%22%3E%3Cscript%3Ealert%28123%29;%3C/script%3E
From - Tue May 3 19:59:15 2011
X-Account-Key: account7
X-UIDL: 4d7faa1e000157fb
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <bugtraq-return-46792-lists=securityspace.com@securityfocus.com>
X-Original-To: lists@securityspace.com
Delivered-To: lists@securityspace.com
Received: from outgoing2.securityfocus.com (outgoing.securityfocus.com [205.206.231.26])
by mx.securityspace.com (Postfix) with ESMTP id E1730EC1EB
for <lists@securityspace.com>; Tue, 3 May 2011 14:13:12 -0400 (EDT)
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing2.securityfocus.com (Postfix) with QMQP
id 7AB22143E25; Tue, 3 May 2011 11:40:20 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 28263 invoked from network); 2 May 2011 15:41:41 -0000
Subject: [USN-1127-1] usb-creator vulnerability
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Reply-To: Ubuntu Security <security@ubuntu.com>
To: ubuntu-security-announce@lists.ubuntu.com
Cc: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-YEm65/7xvj5w1RSwKkUm"
Date: Mon, 02 May 2011 11:41:28 -0400
Message-ID: <1304350888.3151.242.camel@mdlinux>
Mime-Version: 1.0
X-Mailer: Evolution 2.32.2
Status: RO
--=-YEm65/7xvj5w1RSwKkUm
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1127-1
May 02, 2011
usb-creator vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS
Summary:
An attacker could use usb-creator to unmount arbitrary disks or perform
other unauthorized disk operations.
Software Description:
- usb-creator: create a startup disk using a CD or disc image (common files)
Details:
Evan Broder discovered that usb-creator did not properly enforce
restrictions when performing privileged disk operations. A local attacker
could use this flaw to perform certain disk operations, such as unmount
arbitrary mountpoints.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 11.04:
usb-creator-common 0.2.28.3
Ubuntu 10.10:
usb-creator-common 0.2.25.3
Ubuntu 10.04 LTS:
usb-creator-common 0.2.22.3
In general, a standard system update will make all the necessary changes.
References:
CVE-2011-1828
Package Information:
https://launchpad.net/ubuntu/+source/usb-creator/0.2.28.3
https://launchpad.net/ubuntu/+source/usb-creator/0.2.25.3
https://launchpad.net/ubuntu/+source/usb-creator/0.2.22.3
