News

=========================================================== Ubuntu Security Notice USN-602-1 April 22, 2008 firefox vulnerability CVE-2008-1380 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.15~prepatch080417a-0ubuntu1 Ubuntu 6.10: firefox 2.0.0.14+0nobinonly-0ubuntu0.6.10 Ubuntu 7.04: firefox 2.0.0.14+1nobinonly-0ubuntu0.7.4 Ubuntu 7.10: firefox 2.0.0.14+2nobinonly-0ubuntu0.7.10 After a standard system upgrade you need to restart firefox to effect the necessary changes. Details follow: Flaws were discovered in Firefox which could lead to crashes during JavaScript garbage collection. If a user were tricked into opening a malicious web page, an attacker may be able to crash the browser or possibly execute arbitrary code with the user's privileges. (CVE-2008-1380)