Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 35653

Summary: Mozilla Partially Vulnerable to Internet Explorer URL Spoofing Security Flaw
Product: Gentoo Linux Reporter: Hanno Böck <hanno>
Component: Current packagesAssignee: Mozilla Gentoo Team <mozilla>
Status: RESOLVED FIXED    
Severity: normal CC: centic, security
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
URL: http://www.mozillazine.org/talkback.html?article=4078
Whiteboard:
Package list:
Runtime testing required: ---

Description Hanno Böck gentoo-dev 2003-12-12 04:13:11 UTC 
Full description to the vulnerability is at
http://www.mozillazine.org/talkback.html?article=4078

Mozilla bug 228176, a preliminary patch is already available
http://bugzilla.mozilla.org/show_bug.cgi?id=228176
Comment 1 solar (RETIRED) gentoo-dev 2003-12-17 10:44:20 UTC 
Reassinging bug to our mozilla team as there is not alot our security team can do about this other than wait for mozilla-1.6 final. The decision to add/reject http://bugzilla.mozilla.org/attachment.cgi?id=137275&action=edit will have to be up to our mozilla team as well.
Comment 2 solar (RETIRED) gentoo-dev 2004-04-17 22:49:41 UTC 
Hanno,

azarah, agriffis, brad make up the mozilla@ alias and none of them seem
to have any input.

What do you think should happen here?
Are you going to add the patches to portage and take care of mozilla 
now that the upstream bug has been resolved?
Comment 3 Aron Griffis (RETIRED) gentoo-dev 2004-04-26 08:45:41 UTC 
Hmmm, I never actually saw this before!

Anyway, we're at 1.6 now, so this is resolved.