Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 181361 (CVE-2007-3073) - <www-client/mozilla-firefox{,-bin}-2.0.0.17 - multiple vulnerabilities (CVE-2007-{3073,3089},CVE-2008-0591)
Summary: <www-client/mozilla-firefox{,-bin}-2.0.0.17 - multiple vulnerabilities (CVE-2...
Status: RESOLVED FIXED
Alias: CVE-2007-3073
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High enhancement (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A4 [glsa]
Keywords:
Depends on: 185737 208128 238535
Blocks:
  Show dependency tree
 
Reported: 2007-06-08 23:13 UTC by Carsten Lohrke (RETIRED)
Modified: 2013-01-08 01:02 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-08-09 11:32:11 UTC
mozilla, do we know if this issues are fixed with version 2.0.0.6? please advise.
Comment 2 Raúl Porcel (RETIRED) gentoo-dev 2007-08-09 13:29:46 UTC
(In reply to comment #1)
> mozilla, do we know if this issues are fixed with version 2.0.0.6? please
> advise.
> 

It's not. According to the bugs posted avobe, they will be fixed in firefox-3.0.
Comment 3 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-09-08 16:12:58 UTC
(In reply to comment #2)
> (In reply to comment #1)
> > mozilla, do we know if this issues are fixed with version 2.0.0.6? please
> > advise.
> > 
> 
> It's not. According to the bugs posted avobe, they will be fixed in
> firefox-3.0.
> 
ok, setting to enhancement for now, we'll see when 3.0 is released.
Comment 5 Jaak Ristioja 2010-07-23 08:17:14 UTC
https://bugzilla.mozilla.org/show_bug.cgi?id=380994 also appears to have been fixed quite a long time ago, so maybe you can resolve this bug report.
Comment 6 Jory A. Pratt gentoo-dev 2010-09-16 12:54:05 UTC
Nothing for mozilla herd to do here.
Comment 7 Sean Amoss gentoo-dev Security 2012-02-09 15:03:20 UTC
https://bugzilla.mozilla.org/show_bug.cgi?id=380994 : 
CVE-2007-3073 is a duplicate of CVE-2008-4067 [1]. 
CVE-2008-4067 is listed on bug 238535 which is on a GLSA request.

https://bugzilla.mozilla.org/show_bug.cgi?id=382686 :
CVE-2007-3089 - fixed in bug 185737 and listed on GLSA 200708-09.

https://bugzilla.mozilla.org/show_bug.cgi?id=376473 : 
CVE-2008-0591 - fixed in bug 208128 and listed on GLSA 200805-18.


[1] http://seclists.org/oss-sec/2008/q4/41
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2013-01-08 01:02:43 UTC
This issue was resolved and addressed in
 GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml
by GLSA coordinator Sean Amoss (ackle).