106787 – new mozilla-firefox-1.0.7 out

Bug 106787 - new mozilla-firefox-1.0.7 out

Summary: new mozilla-firefox-1.0.7 out

Status:	RESOLVED DUPLICATE of bug 105396

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	x86 Linux

Importance:	High major (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-09-21 06:18 UTC by Rumen Yotov
Modified:	2005-09-21 07:35 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Rumen Yotov 2005-09-21 06:18:42 UTC

Hi,
Today saw that a new firefox-1.0.7 is out due to severe security vulnerability.
Searched for a bug (just did 'emerge --sync') nothing so far - 21-sep-2005/16:18
Also nothing using "glsa-check"(1.0.7 not in tree), hope 1.0.6-r7 fixes this one.
PS:downloaded the binary version of 1.0.7. Does BUG-105396 fixes it?
Thanks. Rumen

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1 Jakub Moc (RETIRED) gentoo-dev

2005-09-21 06:30:05 UTC

Hmm, it fixes Firefox Command Line URL Shell Command Injection vulnerability,
but I could not reproduce that one (maybe due to the wrapper script?)

http://secunia.com/advisories/16869/
https://bugzilla.mozilla.org/show_bug.cgi?id=307185

Comment 2 Thierry Carrez (RETIRED) gentoo-dev

2005-09-21 07:35:33 UTC


*** This bug has been marked as a duplicate of 105396 ***