-Denied write-access to properties on objects from scripts that fail a standard origin check, in order to block potential access by attackers to user's computer. Fixes critical vulnerability reported in GreyMagic Security Advisory GM#008-OP.
-Fixed security issue regarding spoofing of the addressfield by loading other page contents while keeping the URL, reported in Secunia Advisory SA12162.
-Blocked access to file:/ URLs from documents that are not themselves loaded from file:/ URLs.
*** Bug 58511 has been marked as a duplicate of this bug. ***
Heinrich please bump
bumped and marked stable on x86
Thx Heinrich for the quick bump.
amd64, sparc please mark stable
ppc please mark ~
Marked stable on amd64.
Stable on sparc.
Keywords all set, ready for a GLSA