Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 324735 - <mail-client/thunderbird{,-bin}-3.0.5 <net-libs/xulrunner{,-bin}-1.9.2.4 <www-client/mozilla-firefox-3.6.4 <www-client/firefox-bin-3.6.4 <www-client/icecat-3.6.4 <www-client/seamonkey{-bin}-2.0.5: Multiple vulnerabilities
Summary: <mail-client/thunderbird{,-bin}-3.0.5 <net-libs/xulrunner{,-bin}-1.9.2.4 <www...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa]
Keywords:
: 314009 314025 (view as bug list)
Depends on: 311801
Blocks: CVE-2008-5913 305789 312647 312649
  Show dependency tree
 
Reported: 2010-06-19 20:31 UTC by Jory A. Pratt
Modified: 2013-01-08 01:04 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jory A. Pratt gentoo-dev 2010-06-19 20:31:30 UTC
There are known security vulnerabilities in <3.0.5 version of thunderbird a new release has been made avaliable. We will not be at liberty to discuss the security concerns until a new release of firefox is made in a few days. I would still prefer we get the arch teams in to handle stabilizing both thunderbird and thunderbird-bin 3.0.5,
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2010-06-22 22:09:12 UTC
Target keywords for tunderbird are:
  alpha amd64 ia64 ppc ppc64 sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux

Target keywords for thunderbird-bin/firefox-bin are:
  amd64 x86

Target keywords for xulrunner/mozilla-firefox are:
  alpha amd64 arm hppa ia64 ppc ppc64 sparc x86

Target keywords for www-client/seamonkey are:
  alpha amd64 hppa ia64 ppc ppc64 sparc x86


List of vulnerabilities concerning xulrunner/firefox and derivates:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.4

List of vulnerabilities concerning thunderbird:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html#thunderbird3.0.5

List of vulnerabilities concerning seamonkey:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html#seamonkey2.0.5
Comment 2 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2010-06-22 22:18:25 UTC
*** Bug 314009 has been marked as a duplicate of this bug. ***
Comment 3 Christian Faulhammer (RETIRED) gentoo-dev 2010-06-23 20:43:37 UTC
x86 stable
Comment 4 Richard Freeman gentoo-dev 2010-06-24 00:48:47 UTC
amd64 stable for thunderbird and firefox non-bin.
Comment 5 Christoph Mende (RETIRED) gentoo-dev 2010-06-24 00:50:18 UTC
amd64 stable
Comment 6 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2010-06-24 05:41:21 UTC
Target keywords for www-client/icecat are:
  amd64 ~ppc ~ppc64 x86

Readded amd64 and x86. Guys, sorry for the inconvenience, the GNU people simply lagged a bit behind :)
@ ppc/pp64 guys: Feel free to stabilize icecat for your arch as well. It would be great if we had at least one version of icecat stable on your arch as well.
Comment 7 Christoph Mende (RETIRED) gentoo-dev 2010-06-24 06:29:43 UTC
amd64 stable
Comment 8 Christian Faulhammer (RETIRED) gentoo-dev 2010-06-24 08:24:31 UTC
x86 done for icecat, too...
Comment 9 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-06-26 10:01:14 UTC
*** Bug 314025 has been marked as a duplicate of this bug. ***
Comment 10 Raúl Porcel (RETIRED) gentoo-dev 2010-06-26 17:29:43 UTC
alpha/arm/ia64/sparc stable
Comment 11 Guy Martin (RETIRED) gentoo-dev 2010-07-02 09:21:35 UTC
hppa stable
Comment 12 Brent Baude (RETIRED) gentoo-dev 2010-07-08 20:16:26 UTC
ppc and ppc64 done
Comment 13 Jory A. Pratt gentoo-dev 2010-07-19 00:34:31 UTC
Readding x86 and amd64 for seamonkey-bin-2.0.5 stabilization.
Comment 14 Christian Faulhammer (RETIRED) gentoo-dev 2010-07-19 06:38:33 UTC
x86 done
Comment 15 Markos Chandras (RETIRED) gentoo-dev 2010-07-19 13:24:49 UTC
amd64 done
Comment 16 Stefan Behte (RETIRED) gentoo-dev Security 2010-08-01 13:05:01 UTC
GLSA added.
Comment 17 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-09-16 13:36:51 UTC
Nothing for mozilla team to do here, none of the affected versions/packages are in-tree anymore.
Comment 18 GLSAMaker/CVETool Bot gentoo-dev 2012-07-21 14:36:42 UTC
CVE-2010-3400 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3400):
  The js_InitRandom function in the JavaScript implementation in Mozilla
  Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before
  2.0.5, uses the current time for seeding of a random number generator, which
  makes it easier for remote attackers to guess the seed value via a
  brute-force attack, a different vulnerability than CVE-2008-5913.

CVE-2010-3171 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3171):
  The Math.random function in the JavaScript implementation in Mozilla Firefox
  3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random
  number generator that is seeded only once per document object, which makes
  it easier for remote attackers to track a user, or trick a user into acting
  upon a spoofed pop-up message, by calculating the seed value, related to a
  "temporary footprint" and an "in-session phishing attack." NOTE: this
  vulnerability exists because of an incorrect fix for CVE-2008-5913.

CVE-2010-1203 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1203):
  The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote
  attackers to cause a denial of service (memory corruption and application
  crash) or possibly execute arbitrary code via vectors that trigger an
  assertion failure in jstracer.cpp.

CVE-2010-1202 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1202):
  Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla
  Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before
  3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial
  of service (memory corruption and application crash) or possibly execute
  arbitrary code via unknown vectors.

CVE-2010-1201 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1201):
  Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x
  before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows
  remote attackers to cause a denial of service (memory corruption and
  application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2010-1200 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1200):
  Multiple unspecified vulnerabilities in the browser engine in Mozilla
  Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before
  3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial
  of service (memory corruption and application crash) or possibly execute
  arbitrary code via unknown vectors.

CVE-2010-1199 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1199):
  Integer overflow in the XSLT node sorting implementation in Mozilla Firefox
  3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and
  SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via
  a large text value for a node.

CVE-2010-1198 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1198):
  Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and
  3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to
  execute arbitrary code via vectors involving multiple plugin instances.

CVE-2010-1197 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1197):
  Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey
  before 2.0.5, does not properly handle situations in which both
  "Content-Disposition: attachment" and "Content-Type: multipart" are present
  in HTTP headers, which allows remote attackers to conduct cross-site
  scripting (XSS) attacks via an uploaded HTML document.

CVE-2010-1196 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1196):
  Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in
  Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird
  before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute
  arbitrary code via a DOM node with a long text value that triggers a
  heap-based buffer overflow.

CVE-2010-1125 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1125):
  The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x
  before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send
  selected keystrokes to a form field in a hidden frame, instead of the
  intended form field in a visible frame, via certain calls to the focus
  method.

CVE-2010-0183 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0183):
  Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in
  Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote
  attackers to execute arbitrary code via a crafted HTML document, related to
  an improper frame construction process for menus.

CVE-2010-0179 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0179):
  Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before
  2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does
  not properly handle interaction between the XMLHttpRequestSpy object and
  chrome privileged objects, which allows remote attackers to execute
  arbitrary JavaScript via a crafted HTTP response.
Comment 19 GLSAMaker/CVETool Bot gentoo-dev 2013-01-08 01:04:14 UTC
This issue was resolved and addressed in
 GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml
by GLSA coordinator Sean Amoss (ackle).