CVE-2009-2654 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654): Mozilla Firefox 3.5.1 and earlier allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.
3.5.2 available for download, my guess is that you're already working on it?
(In reply to comment #1) > 3.5.2 available for download, my guess is that you're already working on it? > I am just waiting on a proxy commit to put it in main tree, I have it done up since last night, it is currently avaliable in the mozilla overlay.
CVE-2009-2665 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665): The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when certain add-ons are enabled, does not properly handle a Link HTTP header, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted web page, related to an incorrect security wrapper.
*** This bug has been marked as a duplicate of bug 280393 ***
Jory, please do not close bugs assigned to security@. If you feel there is a duplicate bug, please leave a comment explaining why. With regards to firefox: We try to keep issues in 3.5 (only) and in 3.0 (stable) in separate bugs. We may not always keep that idea up in 100% of the cases, but if we handle duplicate issues, please try to clear them up applying this rule.
(In reply to comment #5) > Jory, please do not close bugs assigned to security@. If you feel there is a > duplicate bug, please leave a comment explaining why. > > With regards to firefox: We try to keep issues in 3.5 (only) and in 3.0 > (stable) in separate bugs. We may not always keep that idea up in 100% of the > cases, but if we handle duplicate issues, please try to clear them up applying > this rule. > I think this bug depends on bug 280393 as it's know about stabilizing 3.5.2. (let me know if I shouldn't add depend/block info on security bugs)
amd64 stable
x86 out of here.
Nothing for mozilla team to do here, none of the affected versions/packages are in-tree anymore.
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).