mozilla-team, please either provide an updated 3.5.9 ebuild or give an ok for stabilizing 3.6.2.
I just renamed the 3.5.8.ebuild to 3.5.9 and much to my surprise it worked, I thought xulrunner and FF always update at the same time. Or am I still, at core, running 3.5.8? I'm running amd64 with several hundred ~amd64 packages (don't ask lol), here's the USE-flags I think the full emerge --info would be a waste of space. [ebuild R ] www-client/mozilla-firefox-3.5.9 USE="alsa dbus java sqlite startup-notification -bindist -custom-optimization -gnome -iceweasel -mozdevelop" LINGUAS="de en en_GB en_US -af -ar -as -be -bg -bn -bn_BD -bn_IN -ca -cs -cy -da -el -eo -es -es_AR -es_CL -es_ES -es_MX -et -eu -fa -fi -fr -fy -fy_NL -ga -ga_IE -gl -gu -gu_IN -he -hi -hi_IN -hr -hu -id -is -it -ja -ka -kk -kn -ko -ku -lt -lv -mk -ml -mn -mr -nb -nb_NO -nl -nn -nn_NO -oc -or -pa -pa_IN -pl -pt -pt_BR -pt_PT -rm -ro -ru -si -sk -sl -sq -sr -sv -sv_SE -ta -ta_LK -te -th -tr -uk -vi -zh_CN -zh_TW" 0 kB [1]
Nothing for mozilla team to do here, none of the affected versions/packages are in-tree anymore.
CVE-2010-0181 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181): Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images. CVE-2010-0178 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178): Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript with Chrome privileges by loading a chrome: URL and then loading a javascript: URL. CVE-2010-0177 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177): Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability." CVE-2010-0176 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176): Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability." CVE-2010-0175 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175): Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items. CVE-2010-0174 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).