Debians sikkerhedsbulletin
DSA-810-1 mozilla -- flere sårbarheder
- Rapporteret den:
- 13. sep 2005
- Berørte pakker:
- mozilla
- Sårbar:
- Ja
- Referencer i sikkerhedsdatabaser:
- I Bugtraq-databasen (hos SecurityFocus): BugTraq-id 14242.
I Mitres CVE-ordbog: CVE-2004-0718, CVE-2005-1937, CVE-2005-2260, CVE-2005-2261, CVE-2005-2263, CVE-2005-2265, CVE-2005-2266, CVE-2005-2268, CVE-2005-2269, CVE-2005-2270. - Yderligere oplysninger:
-
Flere problemer er opdaget i Mozilla, webbrowseren fra Mozilla-programpakken. Da den almindelige praksis med tilbageførelse af ændringer ikke lader til at virke med denne pakke, er denne opdatering grundlæggende version 1.7.10 hvor versionsnummeret er rullet tilbage, og derfor stadig hedder 1.7.8. Projektet Common Vulnerabilities and Exposures har fundet frem til følgende problemer:
- CAN-2004-0718, CAN-2005-1937
En sårbarhed er opdaget i Mozilla hvilket gjorde det muligt for fjernangribere at indsprøjte vilkårligt Javascript fra en side ind i en andet websteds frameset.
- CAN-2005-2260
Browserens brugergrænseflade skelner ikke korrekt mellem brugergenererede begivenheder og syntetiske begivenheder som man ikke kan stole på, hvilket gjode det nemmere for fjernagrigere at udføre farlige handlinger som normalt kun kunne udføres manuelt af brugeren.
- CAN-2005-2261
XML-skripter kørte selv når Javascript var slået fra.
- CAN-2005-2263
Det var muligt for en fjernangriber at udføre en tilbagekaldsfunktion i et andet domænes kontekst (dvs. fx en frame).
- CAN-2005-2265
Manglende kontrol af inddata i InstallVersion.compareTo() kunne medføre at programmet gik ned.
- CAN-2005-2266
Fjernangribere kunne stjæle følsomme oplysninger så som cookies og adgangskoder fra webstedet ved at tilgå data i fremmede frames.
- CAN-2005-2268
Det var muligt for en Javascript-dialogboks at udgive sig for en dialogboks fra et websted der stoles på og dermed være et instrument i et "phishing"-angreb.
- CAN-2005-2269
Fjernangribere kunne ændre visse tag-indstillinger hørende til DOM-noder, hvilket kunne før til udførelse af vilkårlige skripter eller kode.
- CAN-2005-2270
Mozilla-browserfamilien kloner ikke baseobjekter korrekt, hvilket gjorde det muligt for fjernangribere at udføre vilkårlig kode.
I den stabile distribution (sarge) er disse problemer rettet i version 1.7.8-1sarge2.
I den ustabile distribution (sid) er disse problemer rettet i version 1.7.10-1.
Vi anbefaler at du opgraderer dine Mozilla-pakker.
- CAN-2004-0718, CAN-2005-1937
- Rettet i:
-
Debian GNU/Linux 3.1 (sarge)
- Kildekode:
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2.dsc
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2.diff.gz
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8.orig.tar.gz
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2.diff.gz
- Alpha:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_alpha.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_arm.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_i386.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_ia64.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_ia64.deb
- HPPA:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_hppa.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_hppa.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_m68k.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_m68k.deb
- Big endian MIPS:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_mips.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_mips.deb
- Little endian MIPS:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_mipsel.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_powerpc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_s390.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr-dev_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss-dev_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnss3_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-browser_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-calendar_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge2_sparc.deb
- http://security.debian.org/pool/updates/main/m/mozilla/libnspr4_1.7.8-1sarge2_sparc.deb
MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.