Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 230567 - Mozilla Firefox, Thunderbird, Seamonkey, Xulrunner: ".15" fixes (CVE-2008-{2798,2799,2800,2801,2802,2803,2805,2807,2808,2809,2810,2811})
Summary: Mozilla Firefox, Thunderbird, Seamonkey, Xulrunner: ".15" fixes (CVE-2008-{27...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.mozilla.org/projects/secur...
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks: 204337 218065
  Show dependency tree
 
Reported: 2008-07-02 20:14 UTC by Robert Buchholz (RETIRED)
Modified: 2008-08-06 00:43 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2008-07-02 20:14:59 UTC
Fixed in Firefox 2.0.0.15
MFSA 2008-33  Crash and remote code execution in block reflow
MFSA 2008-32 Remote site run as local file via Windows URL shortcut
MFSA 2008-31 Peer-trusted certs can use alt names to spoof
MFSA 2008-30 File location URL in directory listings not escaped properly
MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
MFSA 2008-24 Chrome script loading from fastload file
MFSA 2008-23 Signed JAR tampering
MFSA 2008-22 XSS through JavaScript same-origin violation
MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)

Fixed in SeaMonkey 1.1.10
MFSA 2008-33 Crash and remote code execution in block reflow
MFSA 2008-32 Remote site run as local file via Windows URL shortcut
MFSA 2008-31 Peer-trusted certs can use alt names to spoof
MFSA 2008-30 File location URL in directory listings not escaped properly
MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
MFSA 2008-24 Chrome script loading from fastload file
MFSA 2008-23 Signed JAR tampering
MFSA 2008-22 XSS through JavaScript same-origin violation
MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
MFSA 2008-20 Crash in JavaScript garbage collector
Comment 1 Raúl Porcel (RETIRED) gentoo-dev 2008-07-03 14:23:39 UTC
To stabilize:
=www-client/mozilla-firefox-2.0.0.15
Arches: "alpha amd64 arm hppa ia64 mips ppc ppc64 sparc x86"
=www-client/mozilla-firefox-bin-2.0.0.15
ches: "amd64 x86"
=www-client/seamonkey-1.1.10
Arches: "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
=www-client/seamonkey-bin-1.1.10
ches: "amd64 x86"
=net-libs/xulrunner-1.8.1.15
Arches: "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"
=net-libs/xulrunner-bin-1.8.1.15
Arches: "amd64 x86"

Have fun
Comment 2 Christian Faulhammer (RETIRED) gentoo-dev 2008-07-04 09:16:38 UTC
x86 done
Comment 3 Raúl Porcel (RETIRED) gentoo-dev 2008-07-04 16:57:50 UTC
alpha/ia64/sparc stable
Comment 4 Jeroen Roovers gentoo-dev 2008-07-04 17:19:26 UTC
Stable for HPPA:
 =net-libs/xulrunner-1.8.1.15
 =www-client/seamonkey-1.1.10
 =www-client/mozilla-firefox-2.0.0.15
Comment 5 Thomas Anderson (tanderson) (RETIRED) gentoo-dev 2008-07-04 21:27:43 UTC
amd64 stable for -bin
Comment 6 Brent Baude (RETIRED) gentoo-dev 2008-07-05 16:03:01 UTC
ppc and ppc64 done
Comment 7 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-07-06 18:10:26 UTC
what about thunderbird? Did someone requests CVE ids for these? anyway, glsa request filed.
Comment 8 Raúl Porcel (RETIRED) gentoo-dev 2008-07-06 18:25:23 UTC
thunderbird will be out when firefox 2.0.0.16 is and 3.0.1, which is supposed to be 15th july
Comment 9 Robert Buchholz (RETIRED) gentoo-dev 2008-07-09 20:58:39 UTC
CVE-2008-2798 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2798):
  Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15,
  Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote
  attackers to cause a denial of service (application crash) and possibly
  execute arbitrary code via unknown vectors related to the layout engine.

CVE-2008-2799 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2799):
  Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15,
  Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote
  attackers to cause a denial of service (application crash) and possibly
  execute arbitrary code via unknown vectors related to the JavaScript engine.

CVE-2008-2800 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2800):
  Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote
  attackers to bypass the Same Origin Policy and conduct cross-site scripting
  (XSS) attacks via vectors involving (1) an event handler attached to an outer
  window, (2) a SCRIPT element in an unloaded document, or (3) the
  onreadystatechange handler in conjunction with an XMLHttpRequest.

CVE-2008-2801 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2801):
  Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly
  implement JAR signing, which allows remote attackers to execute arbitrary
  code via (1) injection of JavaScript into documents within a JAR archive or
  (2) a JAR archive that uses relative URLs to JavaScript files.

CVE-2008-2802 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2802):
  Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and
  SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via
  an XUL document that includes a script from a chrome: URI that points to a
  fastload file, related to this file's "privilege level."

CVE-2008-2803 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2803):
  The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before
  2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does
  not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data:
  URIs, or (3) certain non-canonical chrome: URIs, which allows remote
  attackers to execute arbitrary code via vectors involving third-party add-ons.

CVE-2008-2805 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2805):
  Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote
  attackers to force the upload of arbitrary local files from a client computer
  via vectors involving originalTarget and DOM Range.

CVE-2008-2806 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2806):
  Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow
  remote attackers to bypass the Same Origin Policy and create arbitrary socket
  connections via a crafted Java applet, related to the Java Embedding Plugin
  (JEP) and Java LiveConnect.

CVE-2008-2807 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2807):
  Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly
  handle an invalid .properties file for an add-on, which allows remote
  attackers to read uninitialized memory, as demonstrated by use of ISO 8859
  encoding instead of UTF-8 encoding in a French .properties file.

CVE-2008-2808 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2808):
  Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly
  escape HTML in file:// URLs in directory listings, which allows remote
  attackers to conduct cross-site scripting (XSS) attacks or have unspecified
  other impact via a crafted filename.

CVE-2008-2809 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2809):
  Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey
  1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based
  web browsers, when a user accepts an SSL server certificate on the basis of
  the CN domain name in the DN field, regard the certificate as also accepted
  for all domain names in subjectAltName:dNSName fields, which makes it easier
  for remote attackers to trick a user into accepting an invalid certificate
  for a spoofed web site.

CVE-2008-2810 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2810):
  Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly
  identify the context of Windows shortcut files, which allows user-assisted
  remote attackers to bypass the Same Origin Policy via a crafted web site for
  which the user has previously saved a shortcut.

CVE-2008-2811 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2811):
  The block reflow implementation in Mozilla Firefox before 2.0.0.15,
  Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote
  attackers to execute arbitrary code or cause a denial of service (application
  crash) via an image whose display requires more pixels than nscoord_MAX,
  related to nsBlockFrame::DrainOverflowLines.
Comment 11 Robert Buchholz (RETIRED) gentoo-dev 2008-08-06 00:43:46 UTC
GLSA 200808-03