
Bug 84074

Summary: www-client/mozilla{-bin}: Version 1.7.6 fixes security issues
Product: Gentoo Security Reporter: Thierry Carrez (RETIRED) <koon>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: mozilla, seemant
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
URL: http://www.mozilla.org/projects/security/known-vulnerabilities.html
Whiteboard: A2 [glsa] koon
Package list:
Runtime testing required: ---

Description Thierry Carrez (RETIRED) gentoo-dev 2005-03-04 04:41:05 UTC
Those will be fixed in the upcoming Mozilla 1.7.6 release:

MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing (Gentoo bug 81113)
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files (Gentoo bug 81011)
MFSA 2005-27 Plugins can be used to load privileged content (CAN-2005-0527) (Gentoo bug 81307)
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab (Gentoo bug 81307)
MFSA 2005-25 Image drag and drop executable spoofing (Gentoo bug 81307)
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-18 Memory overwrite in string library (CAN-2005-0255)
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing (CAN-2004-1156) (Gentoo bug 73870)
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2005-03-22 00:38:56 UTC
Fixed in 1.7.6:
MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
MFSA 2005-27 Plugins can be used to load privileged content
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-23 Download dialog source spoofing
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing

Mozilla team, please bump
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-03-23 06:23:41 UTC
net-www/mozilla bumped to 1.7.6 thanks to brad, mozilla-bin still needed.
CC-ing seemant so that he keeps us posted in case mozilla changes category.
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2005-03-23 06:26:52 UTC
Arches: please test and mark mozilla-1.7.6 stable...
Comment 4 Brad Laue (RETIRED) gentoo-dev 2005-03-23 06:32:33 UTC
mozilla-bin updated and bumped to stable.
Comment 5 Brad Laue (RETIRED) gentoo-dev 2005-03-23 06:32:56 UTC
Err, on x86. 
Comment 6 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-03-23 11:22:47 UTC
The new ebuild fails for me (ppc, USE includes ldap) on libldap50.so:

======= making ./libldap50.so
ld -shared -Wl,-soname -Wl,libldap50.so    -o libldap50.so ./abandon.o ./add.o ./bind.o ./cache.o ./charray.o ./charset.o ./compare.o ./compat.o ./control.o ./countvalues.o ./delete.o ./disptmpl.o ./dsparse.o ./error.o ./extendop.o ./free.o ./freevalues.o ./friendly.o ./getattr.o ./getdn.o ./getdxbyname.o ./getentry.o ./getfilter.o ./getoption.o ./getvalues.o ./memcache.o ./message.o ./modify.o ./open.o ./os-ip.o ./proxyauthctrl.o ./psearch.o ./referral.o ./regex.o ./rename.o ./request.o ./reslist.o ./result.o ./saslbind.o ./sbind.o ./search.o ./setoption.o ./sort.o ./sortctrl.o ./srchpref.o ./tmplout.o ./ufn.o ./unbind.o ./unescape.o ./url.o ./utf8.o ./vlistctrl.o  -L/var/tmp/portage/mozilla-1.7.6/work/mozilla/dist/lib -llber50
ld: unrecognized option '-Wl,-soname'
ld: use the --help option for usage information
gmake[5]: *** [libldap50.so] Error 1
gmake[5]: *** Waiting for unfinished jobs....
Comment 7 Serge 2005-03-23 13:36:49 UTC
The new ebuild fails for me (x86, USE="nptl -kde -qt cdr tcltk -ipv6" with ldap installed) on libldap50.so:

======= making ./libldap50.so
ld -shared -Wl,-soname -Wl,libldap50.so    -o libldap50.so ./abandon.o ./add.o ./bind.o ./cache.o ./charray.o ./charset.o ./compare.o ./compat.o ./control.o ./countvalues.o ./delete.o ./disptmpl.o ./dsparse.o ./error.o ./extendop.o ./free.o ./freevalues.o ./friendly.o ./getattr.o ./getdn.o ./getdxbyname.o ./getentry.o ./getfilter.o ./getoption.o ./getvalues.o ./memcache.o ./message.o ./modify.o ./open.o ./os-ip.o ./proxyauthctrl.o ./psearch.o ./referral.o ./regex.o ./rename.o ./request.o ./reslist.o ./result.o ./saslbind.o ./sbind.o ./search.o ./setoption.o ./sort.o ./sortctrl.o ./srchpref.o ./tmplout.o ./ufn.o ./unbind.o ./unescape.o ./url.o ./utf8.o ./vlistctrl.o  -L/var/tmp/portage/mozilla-1.7.6/work/mozilla/dist/lib -llber50
ld: unrecognized option '-Wl,-soname'
ld: use the --help option for usage information
gmake[5]: *** [libldap50.so] Error 1
gmake[5]: *** Waiting for unfinished jobs....
Comment 8 Aron Griffis (RETIRED) gentoo-dev 2005-03-23 14:41:54 UTC
Ok, I fixed the ldap issue, I believe. Please update and test.
Comment 9 Jason Wever (RETIRED) gentoo-dev 2005-03-23 20:33:48 UTC
SPARCtastic
Comment 10 Thierry Carrez (RETIRED) gentoo-dev 2005-03-24 01:37:13 UTC
Arches, please test and mark stable:

mozilla-1.7.6-r1: alpha amd64 hppa ia64 ppc
Comment 11 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-03-24 11:44:39 UTC
Stable on ppc.
Comment 12 Thierry Carrez (RETIRED) gentoo-dev 2005-03-25 00:41:38 UTC
alpha and ia64 are done
Comment 13 Serge 2005-03-25 03:46:34 UTC
on x86 the libldap50.so error is corrected
Thanks.
Comment 14 Simon Stelling (RETIRED) gentoo-dev 2005-03-25 03:52:27 UTC
all stable on amd64
Comment 15 Thierry Carrez (RETIRED) gentoo-dev 2005-03-25 05:01:26 UTC
GLSA 200503-30
hppa should mark stable to benefit from GLSA
Comment 16 René Nussbaumer (RETIRED) gentoo-dev 2005-06-26 06:29:44 UTC
ebuild no longer in portage