Ubuntu
firefox package

Bug #14933
Comment #2

Comment 2 for bug 14933

Revision history for this message

Debian Bug Importer (debzilla) wrote on 2005-04-04:

Message-ID: <email address hidden>
Date: Sun, 3 Apr 2005 00:52:40 +0400
From: "Alexandra N. Kossovsky" <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: mozilla-firefox: JS can access any firefox memory

Package: mozilla-firefox
Version: 1.0.2-1
Severity: grave
Tags: security patch
Justification: user security hole

https://bugzilla.mozilla.org/show_bug.cgi?id=288688

-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (999, 'testing'), (50, 'experimental'), (50, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=C, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)

Versions of packages mozilla-firefox ii debianutils 2.8.4 ii fontconfig 2.3.1-2 ii libatk1.0-0 1.8.0-4 ii libc6 2.3.2.ds1-20 ii libfontconfig1 2.3.1-2 ii libfreetype6 2.1.7-2.3 ii libgcc1 1:3.4.3-6 ii libglib2.0-0 2.6.3-1 ii libgtk2.0-0 2.6.2-4 ii libidl0 0.8.5-1 ii libjpeg62 6b-9 ii libkrb53 1.3.6-1 ii libpango1.0-0 1.8.1-1 ii libpng12-0 1.2.8rel-1 ii libstdc++5 1:3.3.5-8 ii libx11-6 ii libxext6 ii libxft2 2.1.2-6 ii libxp6 ii libxt6 ii psmisc 21.5-1 ii xlibs ii zlib1g 1:1.2.2-3 depends on:
Miscellaneous utilities specific t
generic font configuration library
The ATK accessibility toolkit
GNU C Library: Shared libraries an
generic font configuration library
FreeType 2 font engine, shared lib
GCC support library
The GLib library of C routines
The GTK+ graphical user interface
library for parsing CORBA IDL file
The Independent JPEG Group's JPEG
MIT Kerberos runtime libraries
Layout and rendering of internatio
PNG library - runtime
The GNU Standard C++ Library v3
4.3.0.dfsg.1-10 X Window System protocol client li
4.3.0.dfsg.1-10 X Window System miscellaneous exte
FreeType-based font drawing librar
4.3.0.dfsg.1-10 X Window System printing extension
4.3.0.dfsg.1-10 X Toolkit Intrinsics
Utilities that use the proc filesy
4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu
compression library - runtime

-- no debconf information

--
Regards,
Sasha.
Alexandra N. Kossovsky, software engineer.
e-mail: <email address hidden>

Message-ID: <20050402205240.GA28439@sanechka.spb.ru>
Date: Sun, 3 Apr 2005 00:52:40 +0400
From: "Alexandra N. Kossovsky" <sasha@oktetlabs.ru>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: mozilla-firefox: JS can access any firefox memory

Package: mozilla-firefox
Version: 1.0.2-1
Severity: grave
Tags: security patch
Justification: user security hole

https://bugzilla.mozilla.org/show_bug.cgi?id=288688

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (999, 'testing'), (50, 'experimental'), (50, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=C, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)

Versions of packages mozilla-firefox depends on:
ii  debianutils              2.8.4           Miscellaneous utilities specific t
ii  fontconfig               2.3.1-2         generic font configuration library
ii  libatk1.0-0              1.8.0-4         The ATK accessibility toolkit
ii  libc6                    2.3.2.ds1-20    GNU C Library: Shared libraries an
ii  libfontconfig1           2.3.1-2         generic font configuration library
ii  libfreetype6             2.1.7-2.3       FreeType 2 font engine, shared lib
ii  libgcc1                  1:3.4.3-6       GCC support library
ii  libglib2.0-0             2.6.3-1         The GLib library of C routines
ii  libgtk2.0-0              2.6.2-4         The GTK+ graphical user interface 
ii  libidl0                  0.8.5-1         library for parsing CORBA IDL file
ii  libjpeg62                6b-9            The Independent JPEG Group's JPEG 
ii  libkrb53                 1.3.6-1         MIT Kerberos runtime libraries
ii  libpango1.0-0            1.8.1-1         Layout and rendering of internatio
ii  libpng12-0               1.2.8rel-1      PNG library - runtime
ii  libstdc++5               1:3.3.5-8       The GNU Standard C++ Library v3
ii  libx11-6                 4.3.0.dfsg.1-10 X Window System protocol client li
ii  libxext6                 4.3.0.dfsg.1-10 X Window System miscellaneous exte
ii  libxft2                  2.1.2-6         FreeType-based font drawing librar
ii  libxp6                   4.3.0.dfsg.1-10 X Window System printing extension
ii  libxt6                   4.3.0.dfsg.1-10 X Toolkit Intrinsics
ii  psmisc                   21.5-1          Utilities that use the proc filesy
ii  xlibs                    4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu
ii  zlib1g                   1:1.2.2-3       compression library - runtime

-- no debconf information

-- 
Regards,
        Sasha.
Alexandra N. Kossovsky, software engineer.
e-mail: sasha@sanechka.spb.ru

Ubuntufirefox package

Comment 2 for bug 14933

Ubuntu
firefox package