| Summary: | <mail-client/thunderbird{,-bin}-17.0.4, <www-client/firefox{,-bin}-17.0.4, <www-client/seamonkey{,-bin}-2.16.2 : use-after-free in nsHTMLEditor when using execCommand() (CVE-2013-0787) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Alex Xu (Hello71) <alex_y_xu> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | CC: | alexander, mozilla, Storklerk |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | All | ||
| URL: | https://www.mozilla.org/security/announce/2013/mfsa2013-29.html | ||
| Whiteboard: | A2 [glsa] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 464226 | ||
| Bug Blocks: | 458390 | ||
|
Description
Alex Xu (Hello71)
2013-03-08 19:26:41 UTC
Sorry about the spam. Bumped ebuilds in the tree for thunderbird{,-bin}{,esr} and firefox{,-bin}{,esr}, except for firefox-19.0.2 as there is an arm patch i'm trying to test build and I want to get that in place before committing; that will be delayed 6 to 12 hours.
Seamonkey ebuilds will come soon (tho not by me); seamonkey-bin-16.0.1 doesn't seem to be available upstream yet.
CCing arches, please stabilize as below:
=www-client/firefox-17.0.4
Target KEYWORDS: "alpha amd64 arm ia64 ppc ppc64 x86"
=www-client/firefox-bin-17.0.4
Target KEYWORDS: "amd64 x86"
=mail-client/thunderbird-17.0.4
Target KEYWORDS: "amd64 arm ppc ppc64 x86"
=mail-client/thunderbird-bin-17.0.4
Target KEYWORDS: "amd64 x86"
(Note some of these stabilizations are continuations from bug 450940)
It's been more than 6 to 12 hours. *firefox-19.0.2 (11 Mar 2013) 11 Mar 2013; Ian Stakenvicius <axs@gentoo.org> +firefox-19.0.2.ebuild, -firefox-19.0.ebuild: version bump 19.x for security bug 460818, remove old =mail-client/thunderbird-17.0.4 Target KEYWORDS: "amd64 arm ppc ppc64 x86 ~x86-fbsd ~amd64-linux ~x86-linux" =mail-client/thunderbird-bin-17.0.4 Target KEYWORDS: "amd64 x86" =www-client/firefox-17.0.4 Target KEYWORDS: "alpha amd64 arm ia64 ppc ppc64 x86 ~amd64-linux ~x86-linux" =www-client/firefox-bin-17.0.4 Target KEYWORDS: "amd64 x86" =www-client/seamonkey-2.16.1 Target KEYWORDS: "amd64 ~arm ~ppc ~ppc64 x86" =www-client/seamonkey-bin-2.16.1 Target KEYWORDS: "amd64 x86" (from bug 458390) seamonkey{,-bin}-2.16.2 comitted.
=mail-client/thunderbird-17.0.4 Target KEYWORDS: "amd64 arm ppc ppc64 x86" =mail-client/thunderbird-bin-17.0.4 Target KEYWORDS: "amd64 x86" =www-client/firefox-17.0.4 Target KEYWORDS: "alpha amd64 arm ia64 ppc ppc64 x86" =www-client/firefox-bin-17.0.4 Target KEYWORDS: "amd64 x86" =www-client/seamonkey-2.16.2 Target KEYWORDS: "amd64 x86" =www-client/seamonkey-bin-2.16.2 Target KEYWORDS: "amd64 x86" amd64 stable x86 stable arm stable ppc stable ppc64 stable CVE-2013-0787 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0787): Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEditor.cpp in Mozilla Firefox before 19.0.2, Firefox ESR 17.x before 17.0.4, Thunderbird before 17.0.4, Thunderbird ESR 17.x before 17.0.4, and SeaMonkey before 2.16.1 allows remote attackers to execute arbitrary code via vectors involving an execCommand call. This issue was resolved and addressed in GLSA 201309-23 at http://security.gentoo.org/glsa/glsa-201309-23.xml by GLSA coordinator Chris Reffett (creffett). |
