Risks

Advisories

Browse

Turbolinux Security Announcement - Multiple vulnerabilities exist in webnavi, thunderbird (25/Dec/2012)

============================================================
Turbolinux Security Announcement 25/Dec/2012
============================================================

The following page contains the security information of Turbolinux Inc.

 - Turbolinux Security Center
   http://www.turbolinux.co.jp/security/

(1) webnavi -> Multiple vulnerabilities exist in webnavi
(2) thunderbird -> Multiple vulnerabilities in thunderbird

===========================================================
* webnavi -> Multiple vulnerabilities exist in webnavi
===========================================================

 Summary: Multiple vulnerabilities exist in webnavi

 More information:
    Mozilla Firefox(webnavi) is an open-source web browser, designed for standards
    compliance, performance and portability.

    Multiple vulnerabilities have been discovered in webnavi.

 Impact:
    Please refer to the "References" section.

 Affected Products:
    - Turbolinux Client 12.5


 <Turbolinux Client 12.5>

   Source Packages
   Size: MD5

  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-sou
rce/nspr-4.9.2-1.src.rpm
       896650 5167139244e463f18ff4350da737fdc8
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-sou
rce/webnavi-17.0.1-1.src.rpm
    113395188 3e8e96b1d419966a6199897b353aaf0d
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-sou
rce/xulrunner-17.0.1-1.src.rpm
     90350891 82a2d99a439669a96ab06b6f6e61318e

   Binary Packages
   Size: MD5

  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/nspr-4.9.2-1.i586.rpm
       123429 238ab6f48eb0ff7e9d623bc8f551c787
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/nspr-devel-4.9.2-1.i586.rpm
       108598 e9328f5d1abc263807618a20bd049a3c
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/webnavi-17.0.1-1.i586.rpm
     27582705 3652e277bf954c1238c2c7d938835e7e
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/webnavi-en_US-17.0.1-1.i586.rpm
        21126 f7c17cd2c0c5ebec416f47e3679b5b93
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/webnavi-ja-17.0.1-1.i586.rpm
       305769 793be39abfe257403734c06e70af29fa
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/webnavi-ko-17.0.1-1.i586.rpm
       280842 24820868daffce381fa30801f552d447
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/webnavi-zh_CN-17.0.1-1.i586.rpm
       286186 2fde51e333d50cd4ddfe6e800961b8e8
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/webnavi-zh_TW-17.0.1-1.i586.rpm
       287274 9190882046a393e9824648e9a386ef04
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/xulrunner-17.0.1-1.i586.rpm
     17494722 47b5fd61ebfc1139c26c52c129772b07
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/xulrunner-devel-17.0.1-1.i586.rpm
      6056491 a7dcaadebe24bf495eae2ae5005fb82d


 References:

 Mozilla Foundation
   [Mozilla Foundation Security Advisories]
   http://www.mozilla.org/security/announce/


===========================================================
* thunderbird -> Multiple vulnerabilities in thunderbird
===========================================================

 Summary: Multiple vulnerabilities in thunderbird

 More information:
    Mozilla Thunderbird is an open-source mail client, designed for standards
    compliance, performance and portability.

    The multiple vulnerabilities exist in thunderbird.

 Impact:
    Please refer to the "References" section.

 Affected Products:
    - Turbolinux Client 12.5


 <Turbolinux Client 12.5>

   Source Packages
   Size: MD5

  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-sou
rce/thunderbird-17.0-1.src.rpm
    133054993 814779f795e67c137688c1e2f504d967

   Binary Packages
   Size: MD5

  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/thunderbird-17.0-1.i586.rpm
     23960478 b053a8a4bfa97889df1bde6e7fc5a9a5
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/thunderbird-ja-17.0-1.i586.rpm
       411412 5d65a188fa228ed8c6c92516d91aa981
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/thunderbird-ko-17.0-1.i586.rpm
       360161 eb2073a7f9708f8a8742f8bc9a752f55
  
http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12.5/turbolinux-upd
ates/thunderbird-zh_CN-17.0-1.i586.rpm
       379153 1a0a37597fd6227d4a16c25ea2b55838


 References:

 Mozilla Foundation
   [Mozilla Foundation Security Advisories]
   http://www.mozilla.org/security/announce/


Package Update Path
http://www.turbolinux.co.jp/support/download.html

============================================================
 * To obtain the public key

Here is the public key

 http://www.turbolinux.co.jp/security/

 * To unsubscribe from the list

If you ever want to remove yourself from this mailing list,
  you can send a message to <server-users-e-ctl@turbolinux.co.jp> with
the word `unsubscribe' in the body (don't include the quotes).

unsubscribe

 * To change your email address

If you ever want to chage email address in this mailing list,
  you can send a message to <server-users-e-ctl@turbolinux.co.jp> with
the following command in the message body:

  chaddr 'old address' 'new address'

If you have any questions or problems, please contact
<supp_info@turbolinux.co.jp>

Thank you!

Spotlight

Is it time to professionalize information security?

Posted on 23 May 2013. | The issue of whether or not information security professionals should be licensed to practice has already been the topic of many a passionate debate.

Review: Logging and Log Management

Posted on 22 May 2013. | Every security practitioner should be aware of the overwhelming advantages of logging and perusing logs for discovering system intrusions. But logging and log management comes with its own set of difficulties.

Experts highlight top data breach vulnerabilities

Posted on 22 May 2013. | Hidden vulnerabilities lie in everyday activities that can expose personal information and lead to data breach, including buying gas with a credit card or wearing a pacemaker.

A closer look at Mega cloud storage

Posted on 21 May 2013. | Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.

The CSO perspective on healthcare security and compliance

Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.

Daily digest

By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.

Weekly newsletter

With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.

DON'T
MISS
Fri, May 24th

24 May 2013.

Facebook phishers target Fan Pages owners

24 May 2013.

Google set to upgrade its SSL certs

23 May 2013.

Is it time to professionalize infosec?

23 May 2013.

Google researcher reveals Windows 0-day

23 May 2013.

Twitter finally offers 2-factor authentication