Ubuntu
unity-firefox-extension package

  1. Bug #1069817
  2. Comment #18

Comment 18 for bug 1069817

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity-firefox-extension - 2.4.1-0ubuntu1.2

---------------
unity-firefox-extension (2.4.1-0ubuntu1.2) quantal-security; urgency=low

  * SECURITY UPDATE: same origin policy bypass via toDataURL() (LP: #1069817)
    - debian/patches/CVE-2012-0958.patch: merge Unity.toDataURL to
      Unity.init in unity-firefox-extension/content/unity-api.js.
    - CVE-2012-0958
 -- Marc Deslauriers <email address hidden> Wed, 12 Dec 2012 10:54:19 -0500