CVE-2009-0071 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0071): Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call.
mozilla, please advise.
Planned release for 3.0.6 is 3-4 February.
Ready to vote, I vote NO.
CVE-2009-2535 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2535): Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
Gah, last comment should go to another bug.
Nothing for mozilla team to do here.
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).