https://bugzilla.novell.com/show_bug.cgi?id=840485

https://bugzilla.novell.com/show_bug.cgi?id=840485#c7

--- Comment #7 from Alexander Bergmann <abergmann@suse.com> 2013-09-18 08:12:48 UTC ---
http://www.mozilla.org/en-US/firefox/17.0.9/releasenotes/

Fixed in Firefox ESR 17.0.9
---------------------------

MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
 * (CVE-2013-1737)

MFSA 2013-90 Memory corruption involving scrolling
 * use-after-free in mozilla::layout::ScrollbarActivity (CVE-2013-1735)
 * Memory corruption in nsGfxScrollFrameInner::IsLTR() (CVE-2013-1736)

MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
 * buffer overflow at nsFloatManager::GetFlowArea() with multicol, list, floats (CVE-2013-1732)

MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
 * compartment mismatch in nsXBLBinding::DoInitJSClass (CVE-2013-1730)

MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
 * MAR signature bypass in Updater could lead to downgrade (CVE-2013-1726)

MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
 * ABORT: bad scope for new JSObjects: 'js::IsObjectInContextCompartment(lccx.GetScopeForNewJSObjects(), cx)' under ReparentWrapper / document.open (CVE-2013-1725)

MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
 * Heap-use-after-free in nsAnimationManager::BuildAnimations (CVE-2013-1722)

MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
 * Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0 (CVE-2013-1718)
 * Memory safety bugs fixed in Firefox 24.0 (CVE-2013-1719)

MFSA 2013-65 Buffer underflow when generating CRMF requests
 * ASAN heap-buffer-overflow (read 1) in cryptojs_interpret_key_gen_type (CVE-2013-1705)

https://www.mozilla.org/security/known-vulnerabilities/firefox.html

Fixed in Firefox 24
-------------------

MFSA 2013-92 GC hazard with default compartments and frame chain restoration
 * GC hazard with default compartments and frame chain restoration (CVE-2013-1738)

MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
 * (CVE-2013-1737)

MFSA 2013-90 Memory corruption involving scrolling
 * use-after-free in mozilla::layout::ScrollbarActivity (CVE-2013-1735)
 * Memory corruption in nsGfxScrollFrameInner::IsLTR() (CVE-2013-1736)

MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
 * buffer overflow at nsFloatManager::GetFlowArea() with multicol, list, floats (CVE-2013-1732)

MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
 * compartment mismatch in nsXBLBinding::DoInitJSClass (CVE-2013-1730)

MFSA 2013-87 Shared object library loading from writable location
 * Android looks for .so in public directory (CVE-2013-1731)

MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers
 * Texture in Inspector's 3D View showing parts of the OS and other applications (CVE-2013-1729)

MFSA 2013-85 Uninitialized data in IonMonkey
 * valgrind errors in JS testsuite ("conditional jumps on uninitialized data") (CVE-2013-1728)

MFSA 2013-84 Same-origin bypass through symbolic links
 * Subverting Same-Origin Policy for Local Contents by Symbolic Link (CVE-2013-1727)

MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
 * MAR signature bypass in Updater could lead to downgrade (CVE-2013-1726)

MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
 * ABORT: bad scope for new JSObjects: 'js::IsObjectInContextCompartment(lccx.GetScopeForNewJSObjects(), cx)' under ReparentWrapper / document.open (CVE-2013-1725)

MFSA 2013-81 Use-after-free with select element
 * Heap-use-after-free in mozilla::dom::HTMLFormElement::IsDefaultSubmitElement (CVE-2013-1724)

MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed
 * NativeKey should not continue handling key message if widget is destroyed after dispatching event (CVE-2013-1723)

MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
 * Heap-use-after-free in nsAnimationManager::BuildAnimations (CVE-2013-1722)

MFSA 2013-78 Integer overflow in ANGLE library
 * ANGLE libGLESv2 Integer Overflow (CVE-2013-1721)

MFSA 2013-77 Improper state in HTML5 Tree Builder with templates
 * Heap-buffer-overflow READ in nsHtml5TreeBuilder::resetTheInsertionMode() (CVE-2013-1720)

MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)
 * Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0 (CVE-2013-1718)
 * Memory safety bugs fixed in Firefox 24.0 (CVE-2013-1719)