Slackware 10.0 / 10.1 / 9.1 / current : Mozilla/Firefox/Thunderbird (SSA:2005-085-01)

high Nessus Plugin ID 18812

Synopsis

The remote Slackware host is missing a security update.

Description

New Mozilla packages are available for Slackware 9.1, 10.0, 10.1, and
-current to fix various security issues and bugs. See the Mozilla site for a complete list of the issues patched:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mo zilla Also updated are Firefox and Thunderbird in Slackware -current, and GAIM in Slackware 9.1, 10.0, and 10.1 (which uses the Mozilla NSS libraries). New versions of the mozilla-plugins symlink creation package are also out for Slackware 9.1, 10.0, and 10.1. Just a little note on Slackware security -- I believe the state of Slackware right now is quite secure. I know there have been issues announced and fixed elsewhere, and I am assessing the reality of them (to be honest, it seems the level of proof needed to announce a security hole these days has fallen close to zero -- where are the proof-of-concept exploits?) It is, as always, my firm intent to keep Slackware as secure as it can possibly be. I'm still getting back up to speed (and I do not believe that anything exploitable in real life is being allowed to slide), but I'm continuing to look over the various reports and would welcome input at [email protected] if you feel anything important has been overlooked and is in need of attention. Please remember that I do read BugTraq and many other security lists. I am not asking for duplicates of BugTraq posts unless you have additional proof or information on the issues, or can explain how an issue affects your own servers. This will help me to priorite any work that remains to be done. Thanks in advance for any helpful comments.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?7f20085f

http://www.nessus.org/u?d4c36cf5

Plugin Details

Severity: High

ID: 18812

File Name: Slackware_SSA_2005-085-01.nasl

Version: 1.14

Type: local

Published: 7/13/2005

Updated: 1/14/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:gaim, p-cpe:/a:slackware:slackware_linux:jre-symlink, p-cpe:/a:slackware:slackware_linux:mozilla, p-cpe:/a:slackware:slackware_linux:mozilla-firefox, p-cpe:/a:slackware:slackware_linux:mozilla-plugins, p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:10.0, cpe:/o:slackware:slackware_linux:10.1, cpe:/o:slackware:slackware_linux:9.1

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Patch Publication Date: 3/27/2005

Reference Information

SSA: 2005-085-01