Ubuntu
mozilla package

Various security bugs unfixed in debian stable

Bug #20648 reported by Debian Bug Importer
4
Affects Status Importance Assigned to Milestone
mozilla (Debian)
Fix Released
Unknown
mozilla (Ubuntu)
Invalid
High
Unassigned

Bug Description

Automatically imported from Debian bug report #325851 http://bugs.debian.org/325851

See original description
Revision history for this message
Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #325851 http://bugs.debian.org/325851

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <E1EAPqQ-0007RL-Rw@hanson>
Date: Wed, 31 Aug 2005 12:29:26 +0200
From: Alexander Sack <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: Various security bugs unfixed in debian stable

Package: mozilla
Version: 2:1.7.8-1sarge1
Severity: critical
Tags: security

There are still unfixed security issues in the mozilla package in sarge,
namely:

    + CAN-2005-2270/MFSA 2005-56 Code execution through shared
      function objects
    + CAN-2005-2269/MFSA 2005-55 XHTML node spoofing
    + CAN-2005-2268/MFSA 2005-54 Javascript prompt origin spoofing
    + CAN-2005-2266/MFSA 2005-52 Same origin violation: frame
      calling top.focus()
    + CAN-2005-2265/MFSA 2005-50 Possibly exploitable crash in
      InstallVersion.compareTo()
    + CAN-2005-2263/MFSA 2005-48 Same-origin violation with InstallTrigger
      callback
    + CAN-2005-2261/MFSA 2005-46 XBL scripts ran even when Javascript
      disabled
    + CAN-2005-2260/MFSA 2005-45 Content-generated event vulnerabilities
    + CAN-2005-1937/MFSA 2005-51 The return of frame-injection spoofing
      (-> was already fixed with 2:1.7.8-1sarge1)

Revision history for this message
Matt Zimmerman (mdz) wrote :

sarge bug

Revision history for this message
In , Alexander Sack (asac) wrote : Re: Bug#325851: Various security bugs unfixed in debian stable

On Thu, Sep 01, 2005 at 09:23:52AM +0200, Florian Weimer wrote:
> * Alexander Sack:
>
> > Version: 2:1.7.8-1sarge1
>
> > + CAN-2005-1937/MFSA 2005-51 The return of frame-injection spoofing
> > (-> was already fixed with 2:1.7.8-1sarge1)
>
> Pardon? Is this one still open or not?

You are right, this problem is not in 2:1.7.8-1sarge1 ... I should have
dropped this from this bug report. Anyway, since the fix/patch is replaced and
in the next upload I listed this issue in this report too.

--
 GPG messages preferred. | .''`. ** Debian GNU/Linux **
 Alexander Sack | : :' : The universal
 <email address hidden> | `. `' Operating System
 http://www.asoftsite.org | `- http://www.debian.org

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Thu, 1 Sep 2005 11:55:35 +0200
From: Alexander Sack <email address hidden>
To: Florian Weimer <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#325851: Various security bugs unfixed in debian stable

On Thu, Sep 01, 2005 at 09:23:52AM +0200, Florian Weimer wrote:
> * Alexander Sack:
>
> > Version: 2:1.7.8-1sarge1
>
> > + CAN-2005-1937/MFSA 2005-51 The return of frame-injection spoofing
> > (-> was already fixed with 2:1.7.8-1sarge1)
>
> Pardon? Is this one still open or not?

You are right, this problem is not in 2:1.7.8-1sarge1 ... I should have
dropped this from this bug report. Anyway, since the fix/patch is replaced and
in the next upload I listed this issue in this report too.

--
 GPG messages preferred. | .''`. ** Debian GNU/Linux **
 Alexander Sack | : :' : The universal
 <email address hidden> | `. `' Operating System
 http://www.asoftsite.org | `- http://www.debian.org

Revision history for this message
In , Alexander Sack (asac) wrote : Fixed in NMU of mozilla 2:1.7.8-1sarge2
Download full text (4.2 KiB)

tag 325851 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 31 Aug 2005 06:00:00 +0100
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.8-1sarge2
Distribution: stable-security
Urgency: critical
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Alexander Sack <email address hidden>
Description:
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4 - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3 - Network Security Service Libraries - runtime
 mozilla - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 325851
Changes:
 mozilla (2:1.7.8-1sarge2) stable-security; urgency=critical
 .
   * previous version was MFSA 2005-51 aka CAN-2004-0718. The change has been
     reverted and reapplied by this version.
   * fix multiple security issues. Reverts all changes made by previous
     security release 2:1.7.8-1.sarge1, because this one fixes all bugs.
     (Closes: 325851)
       + CAN-2005-2270/MFSA 2005-56 Code execution through shared function objects
       + CAN-2005-2269/MFSA 2005-55 XHTML node spoofing
       + CAN-2005-2268/MFSA 2005-54 Javascript prompt origin spoofing
       + CAN-2005-2266/MFSA 2005-52 Same origin violation: frame calling top.focus()
       + CAN-2005-1937/MFSA 2005-51 The return of frame-injection spoofing
       + CAN-2005-2265/MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
       + CAN-2005-2263/MFSA 2005-48 Same-origin violation with InstallTrigger callback
       + CAN-2005-2261/MFSA 2005-46 XBL scripts ran even when Javascript disabled
       + CAN-2005-2260/MFSA 2005-45 Content-generated event vulnerabilities
   * adapted overthespot.diff to changes needed by security patch
Files:
 c48d385962c84c57d6085e04483fe01c 1123 web optional mozilla_1.7.8-1sarge2.dsc
 e786529434e3cd0d0cdc9371fe5d727c 397348 web optional mozilla_1.7.8-1sarge2.diff.gz
 8401dcc3b9c2ac3c5e956d4d93c43724 1032 web optional mozilla_1.7.8-1sarge2_i386.deb
 b56563023bd65f213db1f0a138b4a38f 10322448 web optional mozilla-browser_1.7.8-1sarge2_i386.deb
 fbfcb714a164679a87b41f1896eeef4a 3591808 devel optional mozilla-dev_1.7.8-1sarge2_i386.deb
 2cc3dddc6921aafdf749c31a9e69e2e6 1816046 mail optional mozilla-...

Read more...

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (4.4 KiB)

Message-Id: <email address hidden>
Date: Tue, 13 Sep 2005 05:32:11 -0700
From: Alexander Sack <email address hidden>
To: <email address hidden>
Cc: Alexander Sack <email address hidden>, Takuo KITAME <email address hidden>
Subject: Fixed in NMU of mozilla 2:1.7.8-1sarge2

tag 325851 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 31 Aug 2005 06:00:00 +0100
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.8-1sarge2
Distribution: stable-security
Urgency: critical
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Alexander Sack <email address hidden>
Description:
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4 - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3 - Network Security Service Libraries - runtime
 mozilla - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 325851
Changes:
 mozilla (2:1.7.8-1sarge2) stable-security; urgency=critical
 .
   * previous version was MFSA 2005-51 aka CAN-2004-0718. The change has been
     reverted and reapplied by this version.
   * fix multiple security issues. Reverts all changes made by previous
     security release 2:1.7.8-1.sarge1, because this one fixes all bugs.
     (Closes: 325851)
       + CAN-2005-2270/MFSA 2005-56 Code execution through shared function objects
       + CAN-2005-2269/MFSA 2005-55 XHTML node spoofing
       + CAN-2005-2268/MFSA 2005-54 Javascript prompt origin spoofing
       + CAN-2005-2266/MFSA 2005-52 Same origin violation: frame calling top.focus()
       + CAN-2005-1937/MFSA 2005-51 The return of frame-injection spoofing
       + CAN-2005-2265/MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
       + CAN-2005-2263/MFSA 2005-48 Same-origin violation with InstallTrigger callback
       + CAN-2005-2261/MFSA 2005-46 XBL scripts ran even when Javascript disabled
       + CAN-2005-2260/MFSA 2005-45 Content-generated event vulnerabilities
   * adapted overthespot.diff to changes needed by security patch
Files:
 c48d385962c84c57d6085e04483fe01c 1123 web optional mozilla_1.7.8-1sarge2.dsc
 e786529434e3cd0d0cdc9371fe5d727c 397348 web optional mozilla_1.7.8-1sarge2.diff.gz
 8401dcc3b9c2ac3c5e956d4d93c43724 1032 web optional mozilla...

Read more...

Revision history for this message
In , Adam D. Barratt (debian-bts-adam-barratt) wrote : Bugs fixed in NMU, documenting versions

# Hi,
#
# These bugs were fixed in an NMU, but have not been acknowledged by the
# maintainers. With version tracking in the Debian BTS, it is important
# to know which version of a package fixes each bug so that they can be
# tracked for release status, so I'm closing these bugs with the
#relevant version information now

close 271427 8.14+v8.11+urw-0.1
close 314698 0.35-2.1
close 325635 0.35-2.1
close 328017 0.35-2.1
close 320115 2.0-4.2
close 320284 1.11
close 320899 11.4.1870-7.1
close 327078 11.4.1870-7.1
close 327349 11.4.1870-7.1
close 320903 1:0.71-1.2
close 327946 1:0.71-1.2
close 320941 2.0.3-1.1
close 321126 2.6.3.2
close 321545 0.1.3b-1.1
close 341341 0.1.3b-1.1
close 321553 0.1.12-2.2
close 321644 2:1.7.12-1.1
close 346013 2:1.7.12-1.1
close 321816 2.61-2.1
close 321967 4.0.0-2.1
close 330024 4.0.0-2.1
close 321998 0.9.21-0.1
close 322583 0.3.8.1-4
close 322853 0.7.1-3.1
close 356739 0.7.1-3.1
close 322961 0.4.3.1.dfsg-0.1
close 322972 9.4.2-2.4
close 323084 0.4.5+cvs20030824-1.4
close 323160 0.1.10-0.1
close 323355 1.2.11-0.2
close 323725 0.18.2-10.1
close 323942 0.4.0-4.1
close 324371 4.3-18.1
close 324553 2.9.5.0.37.5.2
close 324558 1.2-release-2.1
close 324579 1.11-6.2
close 324606 1.2-release-2.2
close 324908 0.12.4-4.1
close 325210 2.6.0-1.1
close 325490 0.7.1-1.1
close 325514 0.8.6-1.1
close 326468 0.8.6-1.1
close 325532 2:1.7.12-1
close 327366 2:1.7.12-1
close 329778 2:1.7.12-1
close 332480 2:1.7.12-1
close 325635 0.35-2.1
close 328017 0.35-2.1
close 325835 0.1.12-7.1
close 325851 2:1.7.8-1sarge2
close 325938 0.9.8beta2-4.1
close 327930 0.9.8beta2-4.1
close 326285 0.99.3-5.1
close 326295 0.8.2-5.1
close 373110 0.8.2-5.1
close 379331 0.8.2-5.1
close 379334 0.8.2-5.1
close 326298 0.2.12-2.1
close 326311 0.3.5-1pre1.1
close 326355 2.1.8-2.1
close 326362 0.6-7.2
close 326371 0.90beta1-10.1
close 326372 1.0-0.1
close 326378 0.1.17-4.3
close 326466 6.3.2-2.1
close 347129 6.3.2-2.1
close 347205 6.3.2-2.1
close 326489 0.3.7-2.1
close 326756 1.0.9-1.1
close 365518 1.0.9-1.1
close 327429 1.2-1.1
close 350429 1.2-1.1
close 327911 2.3.5-1.1
close 327718 0.6.0-8.2
close 327933 0.9.2-1.1
close 327936 0.8.5-1.1
close 327970 0.5.1-2.1
close 327984 1.3-2.1
close 327986 0.2.36-4.1
close 291328 0.2.36-4.1
close 327996 1.0-1.1
close 328002 1.0.0-9.1
close 328018 2.1.3-2.1
close 328039 1.18A-2.1
close 328172 1.002-0.2
close 328333 4.1.2-1.1
close 328334 1.34-7.1
close 328335 0.8.2-2.1
close 328352 0.13-3.1
close 328364 0.4.0-test5-2.1
close 329467 1.3.1
close 330446 0.1.83
close 333857 0.1.83
close 330666 6:6.2.4.5-0.2
close 330938 0.5.1-2.2

Bug Watch Updater (bug-watch-updater)
Changed in mozilla:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.