Description: A vulnerability has been discovered in Mozilla Suite, which can be exploited by malicious people to gain knowledge of potentially sensitive information. For more information: SA14820 The vulnerability has been confirmed in version 1.7.6. Other versions may also be affected. Solution: Disable JavaScript support. Other References: SA14820: http://secunia.com/advisories/14820/ -------------------------------------------- Description: A vulnerability has been discovered in Mozilla Firefox, which can be exploited by malicious people to gain knowledge of potentially sensitive information. The vulnerability is caused due to an error in the JavaScript engine, as a "lambda" replace exposes arbitrary amounts of heap memory after the end of a JavaScript string. Successful exploitation may disclose sensitive information in memory. Secunia has constructed a test, which can be used to check if your browser is affected by this issue: http://secunia.com/mozilla_products_arbitrary_memory_exposure_test/ The vulnerability has been confirmed in versions 1.0.1 and 1.0.2. Other versions may also be affected. Solution: Disable JavaScript support. Original Advisory: Mozilla bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=288688
CC'ing mozilla herd.
Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=288688 Will land in aviary-1.0.3 and seamonkey-1.7.7
I've just rebuild FF 1.0.2 with the patch from Mozilla's Bugzilla. Patch applies cleanly after a little cosmetics Should also work for Seamonkey, but I have not tested this. Patch is only 5 lines or so after all... Patch and ebuild for FF attached to this bug. Why wait for 1.0.3 if we can fix this now?
Created attachment 55289 [details, diff] jsstr.c.patch
Created attachment 55290 [details] mozilla-firefox-1.0.2-r2.ebuild
*** Bug 87983 has been marked as a duplicate of this bug. ***
Netscape 7.2 is also affected with the same vulnerability (http://secunia.com/advisories/14804/)
About patching vs waiting for upstream, new versions are almost ready : http://www.mozillazine.org/talkback.html?article=6336 So I think it's worth waiting. Mozilla team: get ready for another bump !
*** Bug 88430 has been marked as a duplicate of this bug. ***
Mozilla has just released these updates. (also, this is CAN-2005-0989)
*** Bug 89265 has been marked as a duplicate of this bug. ***
So this bug is now splitted... Please follow progress on mozilla-1.7.7 tracker bug (bug 89305) and mozilla-firefox 1.0.3 tracker bug (bug 89303). This bug will deal with netscape vulnerability only.
There is no reason to see an update from Netscape and it must be riddled with other vulnerabilities, making it an unsafe browser to surf the web with. I think we should mask it... usata: your feeling ?
Agreed with masking www-clients/netscape until Netscape releases fixed version. I'll mask it shortly.
Netscape 7.2 is also vulnerable to http://secunia.com/advisories/14996/ usata: please comment on the bug when masking is done.
*** Bug 89728 has been marked as a duplicate of this bug. ***
I've just p.masked www-client/netscape.
Out of global scope until a new Netscape release fixes this (or we get rid of that package)
Netscape 7.2 is also vulnerable to http://secunia.com/advisories/15267/
The version 8.0.1 has been released with fixes for:
The version 8.0.1 has been released with fixes for: MFSA 2005-44 Privilege escalation via non-DOM property overrides MFSA 2005-43 "Wrapped" javascript: urls bypass security checks MFSA 2005-42 Code execution via javascript: IconURL
usata: Time to bump to 8.0.1...
There is only Windows version of Netscape 8.x available atm.
Oops :)
Mamory any news on this one?
suggest resolving this one CANTFIX
Seems like Netscape was completely removed since last I checked. Resoling this as FIXED.