Bug 464226 - <mail-client/thunderbird{,-bin}-17.0.5 <www-client/firefox{,-bin}-17.0.5 <www-client/seamonkey{,-bin}-2.17 : multiple vulnerabilities (CVE-2013-{0788,0789,0791,0792,0793,0794,0795,0796,0797,0799,0800})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal major
Assignee: Gentoo Security
Whiteboard: A2 [glsa]
Duplicates: 464686 464692
Depends on: CVE-2013-0801
Blocks: CVE-2013-0787
Reported: 2013-04-02 19:32 UTC by Agostino Sarubbo
Modified: 2013-10-06 15:28 UTC
Description Agostino Sarubbo gentoo-dev 2013-04-02 19:32:30 UTC
MFSA 2013-40 Out-of-bounds array read in CERT_DecodeCertPackage
MFSA 2013-39 Memory corruption while rendering grayscale PNG images
MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations
MFSA 2013-37 Bypass of tab-modal dialog origin disclosure
MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes
MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux
MFSA 2013-34 Privilege escalation through Mozilla Updater
MFSA 2013-33 World read and write access to app_tmp directory
MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service
MFSA 2013-31 Out-of-bounds write in Cairo library
MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)
Comment 1 Jory A. Pratt gentoo-dev 2013-04-04 18:46:41 UTC
All ebuilds should now be in tree, give a few days if all is fine in bugzy proceed with stabilization.
Comment 2 Daniel Bumke 2013-04-05 08:08:28 UTC
(In reply to comment #1)
> All ebuilds should now be in tree, give a few days if all is fine in bugzy
> proceed with stabilization.

No mail-client/thunderbird?
Comment 3 Agostino Sarubbo gentoo-dev 2013-04-05 09:28:26 UTC
*** Bug 464686 has been marked as a duplicate of this bug. ***
Comment 4 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2013-04-05 09:31:15 UTC
mail-client/thunderbird-17.0.5, www-client/firefox-17.0.5 and www-client/seamonkey-2.17 are all available in the tree now.
Comment 5 Agostino Sarubbo gentoo-dev 2013-04-05 10:17:17 UTC
*** Bug 464692 has been marked as a duplicate of this bug. ***
Comment 6 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2013-04-07 09:49:04 UTC
Arches please test and mark stable the following packages:

=mail-client/thunderbird-17.0.5
Target KEYWORDS: "amd64 arm ppc ppc64 x86"

=mail-client/thunderbird-bin-17.0.5
Target KEYWORDS: "amd64 x86"

=www-client/firefox-17.0.5
Target KEYWORDS: "alpha amd64 arm ia64 ppc ppc64 x86"

=www-client/firefox-bin-17.0.5
Target KEYWORDS: "amd64 x86"

=www-client/seamonkey-2.17
Target KEYWORDS: "amd64 x86"

=www-client/seamonkey-bin-2.17
Target KEYWORDS: "amd64 x86"
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2013-04-08 21:35:59 UTC
CVE-2013-0800 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0800):
  Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c
  in Pixman, as distributed with Cairo and used in Mozilla Firefox before
  20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird
  ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows
  remote attackers to execute arbitrary code via crafted values that trigger
  attempted use of a (1) negative box boundary or (2) negative box size,
  leading to an out-of-bounds write operation.

CVE-2013-0799 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0799):
  Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before
  20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and
  Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain
  privileges via crafted arguments.

CVE-2013-0797 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0797):
  Untrusted search path vulnerability in the Mozilla Updater in Mozilla
  Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before
  17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows
  local users to gain privileges via a Trojan horse DLL file in an unspecified
  directory.

CVE-2013-0796 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0796):
  The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before
  17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and
  SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers,
  which allows remote attackers to execute arbitrary code or cause a denial of
  service (free of unallocated memory) via unspecified vectors.

CVE-2013-0795 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0795):
  The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0,
  Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR
  17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the
  cloneNode method for cloning a protected node, which allows remote attackers
  to bypass the Same Origin Policy or possibly execute arbitrary JavaScript
  code with chrome privileges via a crafted web site.

CVE-2013-0794 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0794):
  Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin
  spoofing of tab-modal dialogs, which allows remote attackers to conduct
  phishing attacks via a crafted web site.

CVE-2013-0793 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0793):
  Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird
  before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17
  do not ensure the correctness of the address bar during history navigation,
  which allows remote attackers to conduct cross-site scripting (XSS) attacks
  or phishing attacks by leveraging control over navigation timing.

CVE-2013-0792 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0792):
  Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when
  gfx.color_management.enablev4 is used, do not properly handle color profiles
  during PNG rendering, which allows remote attackers to obtain sensitive
  information from process memory or cause a denial of service (memory
  corruption) via a grayscale PNG image.

CVE-2013-0791 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0791):
  The CERT_DecodeCertPackage function in Mozilla Network Security Services
  (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before
  17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5,
  SeaMonkey before 2.17, and other products, allows remote attackers to cause
  a denial of service (out-of-bounds read and memory corruption) via a crafted
  certificate.

CVE-2013-0789 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0789):
  Multiple unspecified vulnerabilities in the browser engine in Mozilla
  Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to
  cause a denial of service (memory corruption and application crash) or
  possibly execute arbitrary code via vectors related to the
  nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other
  vectors.

CVE-2013-0788 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0788):
  Multiple unspecified vulnerabilities in the browser engine in Mozilla
  Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before
  17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow
  remote attackers to cause a denial of service (memory corruption and
  application crash) or possibly execute arbitrary code via unknown vectors.
Comment 8 Agostino Sarubbo gentoo-dev 2013-04-09 16:03:24 UTC
amd64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2013-04-09 16:07:39 UTC
x86 stable
Comment 10 Agostino Sarubbo gentoo-dev 2013-04-12 15:02:00 UTC
arm stable
Comment 11 Agostino Sarubbo gentoo-dev 2013-04-13 08:41:03 UTC
ppc stable
Comment 12 Agostino Sarubbo gentoo-dev 2013-04-13 08:43:05 UTC
ppc64 stable
Comment 13 Agostino Sarubbo gentoo-dev 2013-04-15 08:30:41 UTC
406821 is no longer a blocker
Comment 14 Agostino Sarubbo gentoo-dev 2013-05-16 15:38:32 UTC
alpha/ia64 will continue in bug 469868
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2013-09-30 00:29:14 UTC
This issue was resolved and addressed in
 GLSA 201309-23 at http://security.gentoo.org/glsa/glsa-201309-23.xml
by GLSA coordinator Chris Reffett (creffett).