[warty] mozilla-firefox: JS can access any firefox memory

Automatically imported from Debian bug report #302775 http://bugs.debian.org/302775

Message-ID: <email address hidden>
Date: Sun, 3 Apr 2005 00:52:40 +0400
From: "Alexandra N. Kossovsky" <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: mozilla-firefox: JS can access any firefox memory

Package: mozilla-firefox
Version: 1.0.2-1
Severity: grave
Tags: security patch
Justification: user security hole

https://bugzilla.mozilla.org/show_bug.cgi?id=288688

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (999, 'testing'), (50, 'experimental'), (50, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=C, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)

Versions of packages mozilla-firefox depends on:
ii debianutils 2.8.4 Miscellaneous utilities specific t
ii fontconfig 2.3.1-2 generic font configuration library
ii libatk1.0-0 1.8.0-4 The ATK accessibility toolkit
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libfontconfig1 2.3.1-2 generic font configuration library
ii libfreetype6 2.1.7-2.3 FreeType 2 font engine, shared lib
ii libgcc1 1:3.4.3-6 GCC support library
ii libglib2.0-0 2.6.3-1 The GLib library of C routines
ii libgtk2.0-0 2.6.2-4 The GTK+ graphical user interface
ii libidl0 0.8.5-1 library for parsing CORBA IDL file
ii libjpeg62 6b-9 The Independent JPEG Group's JPEG
ii libkrb53 1.3.6-1 MIT Kerberos runtime libraries
ii libpango1.0-0 1.8.1-1 Layout and rendering of internatio
ii libpng12-0 1.2.8rel-1 PNG library - runtime
ii libstdc++5 1:3.3.5-8 The GNU Standard C++ Library v3
ii libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li
ii libxext6 4.3.0.dfsg.1-10 X Window System miscellaneous exte
ii libxft2 2.1.2-6 FreeType-based font drawing librar
ii libxp6 4.3.0.dfsg.1-10 X Window System printing extension
ii libxt6 4.3.0.dfsg.1-10 X Toolkit Intrinsics
ii psmisc 21.5-1 Utilities that use the proc filesy
ii xlibs 4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu
ii zlib1g 1:1.2.2-3 compression library - runtime

-- no debconf information

--
Regards,
        Sasha.
Alexandra N. Kossovsky, software engineer.
e-mail: <email address hidden>

Fixed in hoary; retargeting for warty

Message-Id: <email address hidden>
Date: Wed, 06 Apr 2005 10:47:34 -0400
From: Eric Dorland <email address hidden>
To: <email address hidden>
Subject: Bug#302775: fixed in mozilla-firefox 1.0.2-3

Source: mozilla-firefox
Source-Version: 1.0.2-3

We believe that the bug you reported is fixed in the latest version of
mozilla-firefox, which is due to be installed in the Debian FTP archive:

mozilla-firefox-dom-inspector_1.0.2-3_i386.deb
  to pool/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.2-3_i386.deb
mozilla-firefox-gnome-support_1.0.2-3_i386.deb
  to pool/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.2-3_i386.deb
mozilla-firefox_1.0.2-3.diff.gz
  to pool/main/m/mozilla-firefox/mozilla-firefox_1.0.2-3.diff.gz
mozilla-firefox_1.0.2-3.dsc
  to pool/main/m/mozilla-firefox/mozilla-firefox_1.0.2-3.dsc
mozilla-firefox_1.0.2-3_i386.deb
  to pool/main/m/mozilla-firefox/mozilla-firefox_1.0.2-3_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Eric Dorland <email address hidden> (supplier of updated mozilla-firefox package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 6 Apr 2005 01:36:11 -0400
Source: mozilla-firefox
Binary: mozilla-firefox mozilla-firefox-gnome-support mozilla-firefox-dom-inspector
Architecture: source i386
Version: 1.0.2-3
Distribution: unstable
Urgency: high
Maintainer: Eric Dorland <email address hidden>
Changed-By: Eric Dorland <email address hidden>
Description:
 mozilla-firefox - lightweight web browser based on Mozilla
 mozilla-firefox-dom-inspector - tool for inspecting the DOM of pages in Mozilla Firefox
 mozilla-firefox-gnome-support - Support for Gnome in Mozilla Firefox
Closes: 301485 302775
Changes:
 mozilla-firefox (1.0.2-3) unstable; urgency=high
 .
   * gfx/src/freetype/nsFreeType.cpp,
     netwerk/protocol/http/src/nsHttpConnectionMgr.cpp,
     security/nss/lib/pki1/oiddata.h, security/nss/lib/pki1/pki1.h,
     widget/src/gtk2/nsDragService.cpp: Fixes for gcc-4.0,
     bz#289238. (Closes: #301485)
   * js/src/jsstr.c: Fix for JS memory access security bug, patch from
     bz#288688. (Closes: #302775)
Files:
 731b9042353ac60d9c0180080f705504 990 web optional mozilla-firefox_1.0.2-3.dsc
 ba7ce5f66754bedbd7dd34085e38fd2e 221161 web optional mozilla-firefox_1.0.2-3.diff.gz
 70b870d12cfcf6d692f4d7e3ee1096fa 8877582 web optional mozilla-firefox_1.0.2-3_i386.deb
 d4343bec03e9c73a0c162ead5e560d4e 154344 web optional mozilla-firefox-dom-inspector_1.0.2-3_i386.deb
 e13ba6b65593af580464036623ed74f6 51616 web optional mozilla-firefox-gnome-support_1.0.2-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCU/LLYemOzxbZcMYRAqUhAJ4hIoJH7bFJw4SNhkVVcmDGfH04/ACgjsYJ
1WiDV8sW6BBSBynfsUizm...

Warty was fixed in USN-149-3.