Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 464226 - <mail-client/thunderbird{,-bin}-17.0.5 <www-client/firefox{,-bin}-17.0.5 <www-client/seamonkey{,-bin}-2.17 : multiple vulnerabilities (CVE-2013-{0788,0789,0791,0792,0793,0794,0795,0796,0797,0799,0800})
Summary: <mail-client/thunderbird{,-bin}-17.0.5 <www-client/firefox{,-bin}-17.0.5 <www...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A2 [glsa]
Keywords:
: 464686 464692 (view as bug list)
Depends on: CVE-2013-0801
Blocks: CVE-2013-0787
  Show dependency tree
 
Reported: 2013-04-02 19:32 UTC by Agostino Sarubbo
Modified: 2013-10-06 15:28 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-04-02 19:32:30 UTC
MFSA 2013-40 Out-of-bounds array read in CERT_DecodeCertPackage
MFSA 2013-39 Memory corruption while rendering grayscale PNG images
MFSA 2013-38 Cross-site scripting (XSS) using timed history navigations
MFSA 2013-37 Bypass of tab-modal dialog origin disclosure
MFSA 2013-36 Bypass of SOW protections allows cloning of protected nodes
MFSA 2013-35 WebGL crash with Mesa graphics driver on Linux
MFSA 2013-34 Privilege escalation through Mozilla Updater
MFSA 2013-33 World read and write access to app_tmp directory
MFSA 2013-32 Privilege escalation through Mozilla Maintenance Service
MFSA 2013-31 Out-of-bounds write in Cairo library
MFSA 2013-30 Miscellaneous memory safety hazards (rv:20.0 / rv:17.0.5)
Comment 1 Jory A. Pratt gentoo-dev 2013-04-04 18:46:41 UTC
All ebuilds should now be in tree, give a few days if all is fine in bugzy proceed with stabilization.
Comment 2 Daniel Bumke 2013-04-05 08:08:28 UTC
(In reply to comment #1)
> All ebuilds should now be in tree, give a few days if all is fine in bugzy
> proceed with stabilization.

No mail-client/thunderbird?
Comment 3 Agostino Sarubbo gentoo-dev 2013-04-05 09:28:26 UTC
*** Bug 464686 has been marked as a duplicate of this bug. ***
Comment 4 Lars Wendler (Polynomial-C) gentoo-dev 2013-04-05 09:31:15 UTC
mail-client/thunderbird-17.0.5, www-client/firefox-17.0.5 and www-client/seamonkey-2.17 are all available in the tree now.
Comment 5 Agostino Sarubbo gentoo-dev 2013-04-05 10:17:17 UTC
*** Bug 464692 has been marked as a duplicate of this bug. ***
Comment 6 Lars Wendler (Polynomial-C) gentoo-dev 2013-04-07 09:49:04 UTC
Arches please test and mark stable the following packages:

=mail-client/thunderbird-17.0.5
Target KEYWORDS: "amd64 arm ppc ppc64 x86"

=mail-client/thunderbird-bin-17.0.5
Target KEYWORDS: "amd64 x86"

=www-client/firefox-17.0.5
Target KEYWORDS: "alpha amd64 arm ia64 ppc ppc64 x86"

=www-client/firefox-bin-17.0.5
Target KEYWORDS: "amd64 x86"

=www-client/seamonkey-2.17
Target KEYWORDS: "amd64 x86"

=www-client/seamonkey-bin-2.17
Target KEYWORDS: "amd64 x86"
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2013-04-08 21:35:59 UTC
CVE-2013-0800 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0800):
  Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c
  in Pixman, as distributed with Cairo and used in Mozilla Firefox before
  20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird
  ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows
  remote attackers to execute arbitrary code via crafted values that trigger
  attempted use of a (1) negative box boundary or (2) negative box size,
  leading to an out-of-bounds write operation.

CVE-2013-0799 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0799):
  Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before
  20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and
  Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain
  privileges via crafted arguments.

CVE-2013-0797 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0797):
  Untrusted search path vulnerability in the Mozilla Updater in Mozilla
  Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before
  17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allows
  local users to gain privileges via a Trojan horse DLL file in an unspecified
  directory.

CVE-2013-0796 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0796):
  The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before
  17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and
  SeaMonkey before 2.17 on Linux does not properly interact with Mesa drivers,
  which allows remote attackers to execute arbitrary code or cause a denial of
  service (free of unallocated memory) via unspecified vectors.

CVE-2013-0795 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0795):
  The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0,
  Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR
  17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the
  cloneNode method for cloning a protected node, which allows remote attackers
  to bypass the Same Origin Policy or possibly execute arbitrary JavaScript
  code with chrome privileges via a crafted web site.

CVE-2013-0794 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0794):
  Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin
  spoofing of tab-modal dialogs, which allows remote attackers to conduct
  phishing attacks via a crafted web site.

CVE-2013-0793 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0793):
  Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird
  before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17
  do not ensure the correctness of the address bar during history navigation,
  which allows remote attackers to conduct cross-site scripting (XSS) attacks
  or phishing attacks by leveraging control over navigation timing.

CVE-2013-0792 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0792):
  Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when
  gfx.color_management.enablev4 is used, do not properly handle color profiles
  during PNG rendering, which allows remote attackers to obtain sensitive
  information from process memory or cause a denial of service (memory
  corruption) via a grayscale PNG image.

CVE-2013-0791 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0791):
  The CERT_DecodeCertPackage function in Mozilla Network Security Services
  (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before
  17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5,
  SeaMonkey before 2.17, and other products, allows remote attackers to cause
  a denial of service (out-of-bounds read and memory corruption) via a crafted
  certificate.

CVE-2013-0789 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0789):
  Multiple unspecified vulnerabilities in the browser engine in Mozilla
  Firefox before 20.0 and SeaMonkey before 2.17 allow remote attackers to
  cause a denial of service (memory corruption and application crash) or
  possibly execute arbitrary code via vectors related to the
  nsContentUtils::HoldJSObjects function and the nsAutoPtr class, and other
  vectors.

CVE-2013-0788 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0788):
  Multiple unspecified vulnerabilities in the browser engine in Mozilla
  Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before
  17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 allow
  remote attackers to cause a denial of service (memory corruption and
  application crash) or possibly execute arbitrary code via unknown vectors.
Comment 8 Agostino Sarubbo gentoo-dev 2013-04-09 16:03:24 UTC
amd64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2013-04-09 16:07:39 UTC
x86 stable
Comment 10 Agostino Sarubbo gentoo-dev 2013-04-12 15:02:00 UTC
arm stable
Comment 11 Agostino Sarubbo gentoo-dev 2013-04-13 08:41:03 UTC
ppc stable
Comment 12 Agostino Sarubbo gentoo-dev 2013-04-13 08:43:05 UTC
ppc64 stable
Comment 13 Agostino Sarubbo gentoo-dev 2013-04-15 08:30:41 UTC
406821 is not anymore a blocker
Comment 14 Agostino Sarubbo gentoo-dev 2013-05-16 15:38:32 UTC
alpha/ia64 will continue in bug 469868
Comment 15 GLSAMaker/CVETool Bot gentoo-dev 2013-09-30 00:29:14 UTC
This issue was resolved and addressed in
 GLSA 201309-23 at http://security.gentoo.org/glsa/glsa-201309-23.xml
by GLSA coordinator Chris Reffett (creffett).