* http://larholm.com/2007/06/04/unpatched-input-validation-flaw-in-firefox-2004/ https://bugzilla.mozilla.org/show_bug.cgi?id=380994 * http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063712.html https://bugzilla.mozilla.org/show_bug.cgi?id=382686 https://bugzilla.mozilla.org/show_bug.cgi?id=376473
mozilla, do we know if this issues are fixed with version 2.0.0.6? please advise.
(In reply to comment #1) > mozilla, do we know if this issues are fixed with version 2.0.0.6? please > advise. > It's not. According to the bugs posted avobe, they will be fixed in firefox-3.0.
(In reply to comment #2) > (In reply to comment #1) > > mozilla, do we know if this issues are fixed with version 2.0.0.6? please > > advise. > > > > It's not. According to the bugs posted avobe, they will be fixed in > firefox-3.0. > ok, setting to enhancement for now, we'll see when 3.0 is released.
* http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063712.html https://bugzilla.mozilla.org/show_bug.cgi?id=382686 https://bugzilla.mozilla.org/show_bug.cgi?id=376473 Those are fixed since ff-2.0.0.5 The first is not
https://bugzilla.mozilla.org/show_bug.cgi?id=380994 also appears to have been fixed quite a long time ago, so maybe you can resolve this bug report.
Nothing for mozilla herd to do here.
https://bugzilla.mozilla.org/show_bug.cgi?id=380994 : CVE-2007-3073 is a duplicate of CVE-2008-4067 [1]. CVE-2008-4067 is listed on bug 238535 which is on a GLSA request. https://bugzilla.mozilla.org/show_bug.cgi?id=382686 : CVE-2007-3089 - fixed in bug 185737 and listed on GLSA 200708-09. https://bugzilla.mozilla.org/show_bug.cgi?id=376473 : CVE-2008-0591 - fixed in bug 208128 and listed on GLSA 200805-18. [1] http://seclists.org/oss-sec/2008/q4/41
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).