Ubuntu
firefox-3.0 package

New security release 3.0.6

Bug #326077 reported by Kow on 2009-02-06

254

Affects		Status	Importance	Assigned to	Milestone
	firefox-3.0 (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Fixed in Firefox 3.0.6
MFSA 2009-06 Directives to not cache pages ignored
MFSA 2009-05 XMLHttpRequest allows reading HTTPOnly cookies
MFSA 2009-04 Chrome privilege escalation via local .desktop files
MFSA 2009-03 Local file stealing with SessionStore
MFSA 2009-02 XSS using a chrome XBL method and window.eval
MFSA 2009-01 Crashes with evidence of memory corruption (rv:1.9.0.6)

http://www.mozilla.com/en-US/firefox/3.0.6/releasenotes/

This needs to be pushed into intrepid and hardy.

Revision history for this message

Kow (kow) wrote on 2009-02-06:

I think xulrunner-1.9 is affected also.

Revision history for this message

Marc Deslauriers (mdeslaur) wrote on 2009-02-06:

Packages are currently making their way through the security build queue.

Changed in firefox:
status:	New → In Progress

Revision history for this message

Fabio Parri (parrif-ibb) wrote on 2009-02-10:

Are there any problem with the package building? It's taking longer than usual :)

Kow (kow) on 2009-02-11

Changed in firefox:
status:	In Progress → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntufirefox-3.0 package

New security release 3.0.6

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
firefox-3.0 package