35653 – Mozilla Partially Vulnerable to Internet Explorer URL Spoofing Security Flaw

Bug 35653 - Mozilla Partially Vulnerable to Internet Explorer URL Spoofing Security Flaw

Summary: Mozilla Partially Vulnerable to Internet Explorer URL Spoofing Security Flaw

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All All

Importance:	High normal (vote)
Assignee:	Mozilla Gentoo Team

URL:	http://www.mozillazine.org/talkback.h...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2003-12-12 04:13 UTC by Hanno Böck
Modified:	2004-04-26 08:45 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Hanno Böck gentoo-dev

2003-12-12 04:13:11 UTC

Full description to the vulnerability is at
http://www.mozillazine.org/talkback.html?article=4078

Mozilla bug 228176, a preliminary patch is already available
http://bugzilla.mozilla.org/show_bug.cgi?id=228176

Comment 1 solar (RETIRED) gentoo-dev

2003-12-17 10:44:20 UTC

Reassinging bug to our mozilla team as there is not alot our security team can do about this other than wait for mozilla-1.6 final. The decision to add/reject http://bugzilla.mozilla.org/attachment.cgi?id=137275&action=edit will have to be up to our mozilla team as well.

Comment 2 solar (RETIRED) gentoo-dev

2004-04-17 22:49:41 UTC

Hanno,

azarah, agriffis, brad make up the mozilla@ alias and none of them seem
to have any input.

What do you think should happen here?
Are you going to add the patches to portage and take care of mozilla 
now that the upstream bug has been resolved?

Comment 3 Aron Griffis (RETIRED) gentoo-dev

2004-04-26 08:45:41 UTC

Hmmm, I never actually saw this before!

Anyway, we're at 1.6 now, so this is resolved.