Ubuntu
mozilla package

security issue revealed: CAN-2005-2871

Bug #21308 reported by Debian Bug Importer
28
Affects Status Importance Assigned to Milestone
mozilla (Debian)
Fix Released
Unknown
mozilla (Ubuntu)
Fix Released
High
Martin Pitt

Bug Description

Automatically imported from Debian bug report #327455 http://bugs.debian.org/327455

See original description
Revision history for this message
In , Alexander Sack (asac) wrote : Re: Bug#327455: security issue revealed: CAN-2005-2871

On Sat, Sep 10, 2005 at 11:03:21AM +0200, Alexander Sack wrote:
> Package: mozilla
> Version: 2:1.7.8-1sarge2
> Severity: critical
> Tags: security patch
>
> a security issue has been discovered. A workaround fix is available from
> the bug report. This applies to the latest and pending sarge and unstable
> version of mozilla.
>
> The issue is named: CAN-2005-2871
>
> MFSA id is still missing.
>
> The upstream bug report is: #307259.
>
> A patch for aviary branch and HEAD is attached to the bugzilla bug.
>
>

Additional info on this issue:

https://addons.mozilla.org/messages/307259.html

--
 GPG messages preferred. | .''`. ** Debian GNU/Linux **
 Alexander Sack | : :' : The universal
 <email address hidden> | `. `' Operating System
 http://www.asoftsite.org | `- http://www.debian.org

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #327455 http://bugs.debian.org/327455

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <E1EE1Gb-0005lR-9z@hanson>
Date: Sat, 10 Sep 2005 11:03:21 +0200
From: Alexander Sack <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: security issue revealed: CAN-2005-2871

Package: mozilla
Version: 2:1.7.8-1sarge2
Severity: critical
Tags: security patch

a security issue has been discovered. A workaround fix is available from
the bug report. This applies to the latest and pending sarge and unstable
version of mozilla.

The issue is named: CAN-2005-2871

MFSA id is still missing.

The upstream bug report is: #307259.

A patch for aviary branch and HEAD is attached to the bugzilla bug.

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Sat, 10 Sep 2005 11:24:46 +0200
From: Alexander Sack <email address hidden>
To: Alexander Sack <email address hidden>, <email address hidden>
Subject: Re: Bug#327455: security issue revealed: CAN-2005-2871

On Sat, Sep 10, 2005 at 11:03:21AM +0200, Alexander Sack wrote:
> Package: mozilla
> Version: 2:1.7.8-1sarge2
> Severity: critical
> Tags: security patch
>
> a security issue has been discovered. A workaround fix is available from
> the bug report. This applies to the latest and pending sarge and unstable
> version of mozilla.
>
> The issue is named: CAN-2005-2871
>
> MFSA id is still missing.
>
> The upstream bug report is: #307259.
>
> A patch for aviary branch and HEAD is attached to the bugzilla bug.
>
>

Additional info on this issue:

https://addons.mozilla.org/messages/307259.html

--
 GPG messages preferred. | .''`. ** Debian GNU/Linux **
 Alexander Sack | : :' : The universal
 <email address hidden> | `. `' Operating System
 http://www.asoftsite.org | `- http://www.debian.org

Revision history for this message
Matt Zimmerman (mdz) wrote :

*** Bug 21336 has been marked as a duplicate of this bug. ***

Revision history for this message
Sebastien Bacher (seb128) wrote :

*** Bug 21268 has been marked as a duplicate of this bug. ***

Revision history for this message
Sebastien Bacher (seb128) wrote :

 firefox (1.0.6-1ubuntu12) breezy; urgency=low
 .
   * netwerk/base/src/nsStandardURL.cpp:
     - patch from https://bugzilla.mozilla.org/show_bug.cgi?id=307259,
       fix "IDN buffer overflow security issue" (CAN-2005-2871).

Revision history for this message
Martin Pitt (pitti) wrote :

Thunderbird and Mozilla have been fixed in Breezy, too.

stable updates were uploaded, will be released soon.

Revision history for this message
Martin Pitt (pitti) wrote :

(In reply to comment #6)

> stable updates were uploaded, will be released soon.

Done, USN-181-1.

Revision history for this message
In , Loïc Minier (lool) wrote : Re: Bug#327366: epiphany-browser: Susceptible to mozilla-firefox "Host:" buffer overflow?

tags 327366 + upstream fixed-upstream patch
severity 327366 critical
merge 327366 327455
retitle 327366 [CAN-2005-2871] IDN buffer overflow [MFSA 2005-57]
thanks

        Hi,

On Fri, Sep 09, 2005, Sam Morris wrote:
> A buffer overflow vulnerability exists within Firefox version 1.0.6 and
> all other prior versions which allows for an attacker to remotely execute
> arbitrary code on an affected host.

 When reporting bugs against Epiphany or Galeon, please check whether
 Mozilla, their engine, is affected. In the future, the engine of these
 browsers might switch from Mozilla to Firefox though.

> The problem seems to be when a hostname which has all dashes causes the
> NormalizeIDN call in nsStandardURL::BuildNormalizedSpec to return true,
> but is sets encHost to an empty string.

 This is "fixed" in Mozilla 1.7.12 by disabling IDN and/or installing a
 patch as explained at:
    <https://addons.mozilla.org/messages/307259.html>

   Bye,

--
Loïc Minier <email address hidden>

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Mon, 26 Sep 2005 10:53:07 +0200
From: =?iso-8859-1?Q?Lo=EFc?= Minier <email address hidden>
To: Sam Morris <email address hidden>, <email address hidden>,
 <email address hidden>
Subject: Re: Bug#327366: epiphany-browser: Susceptible to mozilla-firefox "Host:" buffer overflow?

tags 327366 + upstream fixed-upstream patch
severity 327366 critical
merge 327366 327455
retitle 327366 [CAN-2005-2871] IDN buffer overflow [MFSA 2005-57]
thanks

        Hi,

On Fri, Sep 09, 2005, Sam Morris wrote:
> A buffer overflow vulnerability exists within Firefox version 1.0.6 and=
 =20
> all other prior versions which allows for an attacker to remotely execu=
 te=20
> arbitrary code on an affected host.

 When reporting bugs against Epiphany or Galeon, please check whether
 Mozilla, their engine, is affected. In the future, the engine of these
 browsers might switch from Mozilla to Firefox though.

> The problem seems to be when a hostname which has all dashes causes the=
=20
> NormalizeIDN call in nsStandardURL::BuildNormalizedSpec to return true,=
=20
> but is sets encHost to an empty string.

 This is "fixed" in Mozilla 1.7.12 by disabling IDN and/or installing a
 patch as explained at:
    <https://addons.mozilla.org/messages/307259.html>

   Bye,

--=20
Lo=EFc Minier <email address hidden>

Revision history for this message
In , Alexander Sack (asac) wrote : Fixed in NMU of mozilla 2:1.7.12-1
Download full text (3.9 KiB)

tag 318723 + fixed
tag 321644 + fixed
tag 325532 + fixed
tag 327366 + fixed
tag 327455 + fixed
tag 329778 + fixed
tag 332480 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 6 Oct 2005 23:48:00 +0200
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.12-1
Distribution: unstable
Urgency: high
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Alexander Sack <email address hidden>
Description:
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4 - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3 - Network Security Service Libraries - runtime
 mozilla - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 318723 321644 325532 327366 327455 329778 332480
Changes:
 mozilla (2:1.7.12-1) unstable; urgency=high
 .
   * NMU: fixing several security issues and most important RC bugs.
     (Closes: 332480)
   * new upstream version 1.7.12 fixes:
     + [CAN-2005-2871] IDN buffer overflow [MFSA 2005-57] (Closes: 327366)
     + security issue revealed: CAN-2005-2871 (Closes: 327455)
     + mozilla: Multiple security issues fixed in 1.7.12 (Closes: 329778)
     + javascript crasher - unsure about this ... have to test.
       (Closes: 318723)
     + mozilla 1.7.10 version crashes almost immediately (Closes: 321644)
   * applied patch by Steve Langasek <email address hidden> to make mozilla
     build on arm and other archs. (Closes: 325532)
Files:
 766dea59ec7f68b837ea0d42fd5a4188 1093 web optional mozilla_1.7.12-1.dsc
 6b5e421f09fef73ad972c8f6d7f7137b 30586755 web optional mozilla_1.7.12.orig.tar.gz
 0f7b83c1b25d5a6e3811c5d5add782ed 325638 web optional mozilla_1.7.12-1.diff.gz
 ad6d45717329823d52b98a7a5c9436ca 1022 web optional mozilla_1.7.12-1_i386.deb
 79c50292a9d41f7804c6b122d5989eec 9385338 web optional mozilla-browser_1.7.12-1_i386.deb
 d5b7b50bc5dd19ab8e8dc64aa05c12e9 3588608 devel optional mozilla-dev_1.7.12-1_i386.deb
 fdb59d0a9868df3d9bbaf72f3e997fab 1722632 mail optional mozilla-mailnews_1.7.12-1_i386.deb
 58cb2343e9d24d37ee35f596785fb5c3 158312 net optional mozilla-chatzilla_1.7.12-1_i386.deb
 b1e4b565ff92d53903726bf9ed5de29a 180280 web optional mozilla-psm_1.7.12-1_i386.deb
 b57fa3506af263edd8a6b464e8558605 115818 web optiona...

Read more...

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (4.1 KiB)

Message-Id: <email address hidden>
Date: Sun, 09 Oct 2005 13:32:45 -0700
From: Alexander Sack <email address hidden>
To: <email address hidden>
Cc: Alexander Sack <email address hidden>, Takuo KITAME <email address hidden>
Subject: Fixed in NMU of mozilla 2:1.7.12-1

tag 318723 + fixed
tag 321644 + fixed
tag 325532 + fixed
tag 327366 + fixed
tag 327455 + fixed
tag 329778 + fixed
tag 332480 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 6 Oct 2005 23:48:00 +0200
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.12-1
Distribution: unstable
Urgency: high
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Alexander Sack <email address hidden>
Description:
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4 - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3 - Network Security Service Libraries - runtime
 mozilla - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 318723 321644 325532 327366 327455 329778 332480
Changes:
 mozilla (2:1.7.12-1) unstable; urgency=high
 .
   * NMU: fixing several security issues and most important RC bugs.
     (Closes: 332480)
   * new upstream version 1.7.12 fixes:
     + [CAN-2005-2871] IDN buffer overflow [MFSA 2005-57] (Closes: 327366)
     + security issue revealed: CAN-2005-2871 (Closes: 327455)
     + mozilla: Multiple security issues fixed in 1.7.12 (Closes: 329778)
     + javascript crasher - unsure about this ... have to test.
       (Closes: 318723)
     + mozilla 1.7.10 version crashes almost immediately (Closes: 321644)
   * applied patch by Steve Langasek <email address hidden> to make mozilla
     build on arm and other archs. (Closes: 325532)
Files:
 766dea59ec7f68b837ea0d42fd5a4188 1093 web optional mozilla_1.7.12-1.dsc
 6b5e421f09fef73ad972c8f6d7f7137b 30586755 web optional mozilla_1.7.12.orig.tar.gz
 0f7b83c1b25d5a6e3811c5d5add782ed 325638 web optional mozilla_1.7.12-1.diff.gz
 ad6d45717329823d52b98a7a5c9436ca 1022 web optional mozilla_1.7.12-1_i386.deb
 79c50292a9d41f7804c6b122d5989eec 9385338 web optional mozilla-browser_1.7.12-1_i386.deb
 d5b7b50bc5dd19ab8e8dc64aa05c12e9 3588608 devel optional mozilla-dev_1.7.12-1_i386.deb
 fdb59d0a9868df3d9bbaf72f3e997fab 1722632 mail ...

Read more...

Revision history for this message
In , Alexander Sack (asac) wrote : Fixed in NMU of mozilla 2:1.7.8-1sarge3
Download full text (5.6 KiB)

tag 321427 + fixed
tag 327366 + fixed
tag 329778 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 27 Sep 2005 13:00:00 +0100
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.8-1sarge3
Distribution: stable-security
Urgency: critical
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Alexander Sack <email address hidden>
Description:
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4 - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3 - Network Security Service Libraries - runtime
 mozilla - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 321427 327366 329778
Changes:
 mozilla (2:1.7.8-1sarge3) stable-security; urgency=critical
 .
   * MFSA-2005-56a.debian: Regressions introduced by mozilla 1.7.9.
     Summary: Regressions introduced by mozilla 1.7.9 bugfix. There was no
       advisory for it (debian/patches/001_mfsa_2005-56a.patch)
     Closes: 321427
     Bugzilla: 294307 301917 300749
     Issues addressed:
       + Regressions introduced by mozilla 1.7.9 bugfix.
   * MFSA-2005-57: IDN heap overrun
     Summary: Tom Ferris reported a Firefox crash when processing a domain
       name consisting solely of soft-hyphen characters.
       (debian/patches/001_mfsa-2005-57.patch)
     Closes: 327366
     CVE-Ids: CAN-2005-2871
     Bugzilla: 307259 308281
     Issues addressed:
       + CAN-2005-2871 - IDN heap overrun
   * MFSA-2005-58: Accumulated vendor advisory for multiple vulnerabilities
     Summary: Fixes for multiple vulnerabilities with an overall severity
       of "critical" have been released in Mozilla Firefox 1.0.7 and
       the Mozilla Suite 1.7.12 (debian/patches/001_mfsa-2005-58.patch)
     Closes: 329778
     CVE-Ids: CAN-2005-2701 CAN-2005-2702 CAN-2005-2703 CAN-2005-2704
       CAN-2005-2705 CAN-2005-2706 CAN-2005-2707
     Bugzilla: 300936 296134 297078 302263 299518 303213 304754 306261
        306804 291178 300853 301180 302100
     Issues addressed:
       + CAN-2005-2701 - Heap overrun in XBM image processing
       + CAN-2005-2702 - Crash on "zero-width non-joiner" sequence
       + CAN-2005-2703 - XMLHttpRequest header spoofing
       + CAN-2005-2704 - Object spoofing using XBL <implements>...

Read more...

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (5.8 KiB)

Message-Id: <email address hidden>
Date: Sat, 12 Nov 2005 01:03:12 -0800
From: Alexander Sack <email address hidden>
To: <email address hidden>
Cc: Alexander Sack <email address hidden>, Takuo KITAME <email address hidden>
Subject: Fixed in NMU of mozilla 2:1.7.8-1sarge3

tag 321427 + fixed
tag 327366 + fixed
tag 329778 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 27 Sep 2005 13:00:00 +0100
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.8-1sarge3
Distribution: stable-security
Urgency: critical
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Alexander Sack <email address hidden>
Description:
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4 - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3 - Network Security Service Libraries - runtime
 mozilla - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 321427 327366 329778
Changes:
 mozilla (2:1.7.8-1sarge3) stable-security; urgency=critical
 .
   * MFSA-2005-56a.debian: Regressions introduced by mozilla 1.7.9.
     Summary: Regressions introduced by mozilla 1.7.9 bugfix. There was no
       advisory for it (debian/patches/001_mfsa_2005-56a.patch)
     Closes: 321427
     Bugzilla: 294307 301917 300749
     Issues addressed:
       + Regressions introduced by mozilla 1.7.9 bugfix.
   * MFSA-2005-57: IDN heap overrun
     Summary: Tom Ferris reported a Firefox crash when processing a domain
       name consisting solely of soft-hyphen characters.
       (debian/patches/001_mfsa-2005-57.patch)
     Closes: 327366
     CVE-Ids: CAN-2005-2871
     Bugzilla: 307259 308281
     Issues addressed:
       + CAN-2005-2871 - IDN heap overrun
   * MFSA-2005-58: Accumulated vendor advisory for multiple vulnerabilities
     Summary: Fixes for multiple vulnerabilities with an overall severity
       of "critical" have been released in Mozilla Firefox 1.0.7 and
       the Mozilla Suite 1.7.12 (debian/patches/001_mfsa-2005-58.patch)
     Closes: 329778
     CVE-Ids: CAN-2005-2701 CAN-2005-2702 CAN-2005-2703 CAN-2005-2704
       CAN-2005-2705 CAN-2005-2706 CAN-2005-2707
     Bugzilla: 300936 296134 297078 302263 299518 303213 304754 306261
        306804 291178 300853 301180 302...

Read more...

Revision history for this message
In , Alexander Sack (asac) wrote :
Download full text (5.6 KiB)

tag 321427 + fixed
tag 327366 + fixed
tag 329778 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 27 Sep 2005 13:00:00 +0100
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.8-1sarge3
Distribution: stable-security
Urgency: critical
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Alexander Sack <email address hidden>
Description:
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4 - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3 - Network Security Service Libraries - runtime
 mozilla - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 321427 327366 329778
Changes:
 mozilla (2:1.7.8-1sarge3) stable-security; urgency=critical
 .
   * MFSA-2005-56a.debian: Regressions introduced by mozilla 1.7.9.
     Summary: Regressions introduced by mozilla 1.7.9 bugfix. There was no
       advisory for it (debian/patches/001_mfsa_2005-56a.patch)
     Closes: 321427
     Bugzilla: 294307 301917 300749
     Issues addressed:
       + Regressions introduced by mozilla 1.7.9 bugfix.
   * MFSA-2005-57: IDN heap overrun
     Summary: Tom Ferris reported a Firefox crash when processing a domain
       name consisting solely of soft-hyphen characters.
       (debian/patches/001_mfsa-2005-57.patch)
     Closes: 327366
     CVE-Ids: CAN-2005-2871
     Bugzilla: 307259 308281
     Issues addressed:
       + CAN-2005-2871 - IDN heap overrun
   * MFSA-2005-58: Accumulated vendor advisory for multiple vulnerabilities
     Summary: Fixes for multiple vulnerabilities with an overall severity
       of "critical" have been released in Mozilla Firefox 1.0.7 and
       the Mozilla Suite 1.7.12 (debian/patches/001_mfsa-2005-58.patch)
     Closes: 329778
     CVE-Ids: CAN-2005-2701 CAN-2005-2702 CAN-2005-2703 CAN-2005-2704
       CAN-2005-2705 CAN-2005-2706 CAN-2005-2707
     Bugzilla: 300936 296134 297078 302263 299518 303213 304754 306261
        306804 291178 300853 301180 302100
     Issues addressed:
       + CAN-2005-2701 - Heap overrun in XBM image processing
       + CAN-2005-2702 - Crash on "zero-width non-joiner" sequence
       + CAN-2005-2703 - XMLHttpRequest header spoofing
       + CAN-2005-2704 - Object spoofing using XBL <implements>...

Read more...

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (5.8 KiB)

Message-Id: <email address hidden>
Date: Fri, 16 Dec 2005 21:34:34 -0800
From: Alexander Sack <email address hidden>
To: <email address hidden>
Cc: Alexander Sack <email address hidden>, Takuo KITAME <email address hidden>
Subject: Fixed in NMU of mozilla 2:1.7.8-1sarge3

tag 321427 + fixed
tag 327366 + fixed
tag 329778 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload. The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 27 Sep 2005 13:00:00 +0100
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.8-1sarge3
Distribution: stable-security
Urgency: critical
Maintainer: Takuo KITAME <email address hidden>
Changed-By: Alexander Sack <email address hidden>
Description:
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4 - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3 - Network Security Service Libraries - runtime
 mozilla - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 321427 327366 329778
Changes:
 mozilla (2:1.7.8-1sarge3) stable-security; urgency=critical
 .
   * MFSA-2005-56a.debian: Regressions introduced by mozilla 1.7.9.
     Summary: Regressions introduced by mozilla 1.7.9 bugfix. There was no
       advisory for it (debian/patches/001_mfsa_2005-56a.patch)
     Closes: 321427
     Bugzilla: 294307 301917 300749
     Issues addressed:
       + Regressions introduced by mozilla 1.7.9 bugfix.
   * MFSA-2005-57: IDN heap overrun
     Summary: Tom Ferris reported a Firefox crash when processing a domain
       name consisting solely of soft-hyphen characters.
       (debian/patches/001_mfsa-2005-57.patch)
     Closes: 327366
     CVE-Ids: CAN-2005-2871
     Bugzilla: 307259 308281
     Issues addressed:
       + CAN-2005-2871 - IDN heap overrun
   * MFSA-2005-58: Accumulated vendor advisory for multiple vulnerabilities
     Summary: Fixes for multiple vulnerabilities with an overall severity
       of "critical" have been released in Mozilla Firefox 1.0.7 and
       the Mozilla Suite 1.7.12 (debian/patches/001_mfsa-2005-58.patch)
     Closes: 329778
     CVE-Ids: CAN-2005-2701 CAN-2005-2702 CAN-2005-2703 CAN-2005-2704
       CAN-2005-2705 CAN-2005-2706 CAN-2005-2707
     Bugzilla: 300936 296134 297078 302263 299518 303213 304754 306261
        306804 291178 300853 301180 302...

Read more...

Revision history for this message
In , Adam D. Barratt (debian-bts-adam-barratt) wrote : Bugs fixed in NMU, documenting versions

# Hi,
#
# These bugs were fixed in an NMU, but have not been acknowledged by the
# maintainers. With version tracking in the Debian BTS, it is important
# to know which version of a package fixes each bug so that they can be
# tracked for release status, so I'm closing these bugs with the
#relevant version information now

close 271427 8.14+v8.11+urw-0.1
close 314698 0.35-2.1
close 325635 0.35-2.1
close 328017 0.35-2.1
close 320115 2.0-4.2
close 320284 1.11
close 320899 11.4.1870-7.1
close 327078 11.4.1870-7.1
close 327349 11.4.1870-7.1
close 320903 1:0.71-1.2
close 327946 1:0.71-1.2
close 320941 2.0.3-1.1
close 321126 2.6.3.2
close 321545 0.1.3b-1.1
close 341341 0.1.3b-1.1
close 321553 0.1.12-2.2
close 321644 2:1.7.12-1.1
close 346013 2:1.7.12-1.1
close 321816 2.61-2.1
close 321967 4.0.0-2.1
close 330024 4.0.0-2.1
close 321998 0.9.21-0.1
close 322583 0.3.8.1-4
close 322853 0.7.1-3.1
close 356739 0.7.1-3.1
close 322961 0.4.3.1.dfsg-0.1
close 322972 9.4.2-2.4
close 323084 0.4.5+cvs20030824-1.4
close 323160 0.1.10-0.1
close 323355 1.2.11-0.2
close 323725 0.18.2-10.1
close 323942 0.4.0-4.1
close 324371 4.3-18.1
close 324553 2.9.5.0.37.5.2
close 324558 1.2-release-2.1
close 324579 1.11-6.2
close 324606 1.2-release-2.2
close 324908 0.12.4-4.1
close 325210 2.6.0-1.1
close 325490 0.7.1-1.1
close 325514 0.8.6-1.1
close 326468 0.8.6-1.1
close 325532 2:1.7.12-1
close 327366 2:1.7.12-1
close 329778 2:1.7.12-1
close 332480 2:1.7.12-1
close 325635 0.35-2.1
close 328017 0.35-2.1
close 325835 0.1.12-7.1
close 325851 2:1.7.8-1sarge2
close 325938 0.9.8beta2-4.1
close 327930 0.9.8beta2-4.1
close 326285 0.99.3-5.1
close 326295 0.8.2-5.1
close 373110 0.8.2-5.1
close 379331 0.8.2-5.1
close 379334 0.8.2-5.1
close 326298 0.2.12-2.1
close 326311 0.3.5-1pre1.1
close 326355 2.1.8-2.1
close 326362 0.6-7.2
close 326371 0.90beta1-10.1
close 326372 1.0-0.1
close 326378 0.1.17-4.3
close 326466 6.3.2-2.1
close 347129 6.3.2-2.1
close 347205 6.3.2-2.1
close 326489 0.3.7-2.1
close 326756 1.0.9-1.1
close 365518 1.0.9-1.1
close 327429 1.2-1.1
close 350429 1.2-1.1
close 327911 2.3.5-1.1
close 327718 0.6.0-8.2
close 327933 0.9.2-1.1
close 327936 0.8.5-1.1
close 327970 0.5.1-2.1
close 327984 1.3-2.1
close 327986 0.2.36-4.1
close 291328 0.2.36-4.1
close 327996 1.0-1.1
close 328002 1.0.0-9.1
close 328018 2.1.3-2.1
close 328039 1.18A-2.1
close 328172 1.002-0.2
close 328333 4.1.2-1.1
close 328334 1.34-7.1
close 328335 0.8.2-2.1
close 328352 0.13-3.1
close 328364 0.4.0-test5-2.1
close 329467 1.3.1
close 330446 0.1.83
close 333857 0.1.83
close 330666 6:6.2.4.5-0.2
close 330938 0.5.1-2.2

Bug Watch Updater (bug-watch-updater)
Changed in mozilla:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.