[Bug 840485] New: Firefox 24.0/17.0.9esr security release

bugzilla_noreply＠novell.com

16 Sep 2013 16 Sep '13

07:13

https://bugzilla.novell.com/show_bug.cgi?id=840485 https://bugzilla.novell.com/show_bug.cgi?id=840485#c0 Summary: Firefox 24.0/17.0.9esr security release Classification: openSUSE Product: openSUSE 12.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Firefox AssignedTo: bnc-team-mozilla@forge.provo.novell.com ReportedBy: wolfgang@rosenauer.org QAContact: qa-bugs@suse.de CC: security-team@suse.de Found By: --- Blocker: --- 2013-09-17 is the announced release date for the following Mozilla applications which contain security fixes (as always) (https://wiki.mozilla.org/Releases): Firefox 24.0 Firefox 17.0.9esr xulrunner 17.0.9esr Seamonkey 2.21 Thunderbird 17.0.9esr Thunderbird 24.0 (minimum NSPR 4.10 and NSS 3.15.1 requirements I think already met with last update round) I'll provide updates for openSUSE distributions as usual with one exception where I'd like to get some feedback: Thunderbird will do a big version update to 24.0 for non-esr versions. Since esr and non esr versions were 99,9% identical in the 17.0 series we have the choice to update to 17.0.9esr or 24.0 for released distributions which will only move the major upgrade around 12 weeks so I'm in favor to follow the big update now already. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

Show replies by date

bugzilla_noreply＠novell.com

16 Sep 16 Sep

10:07

New subject: [Bug 840485] VUL-0: Firefox 24.0/17.0.9esr security release

https://bugzilla.novell.com/show_bug.cgi?id=840485 https://bugzilla.novell.com/show_bug.cgi?id=840485#c1 Alexander Bergmann changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |abergmann@suse.com Summary|Firefox 24.0/17.0.9esr |VUL-0: Firefox |security release |24.0/17.0.9esr security | |release --- Comment #1 from Alexander Bergmann 2013-09-16 10:07:39 UTC --- Wolfgang, thanks for the heads up. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

22:00

New subject: [Bug 840485] VUL-0: Firefox 24.0/17.0.9esr security release

https://bugzilla.novell.com/show_bug.cgi?id=840485 https://bugzilla.novell.com/show_bug.cgi?id=840485#c2 Swamp Workflow Management changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium --- Comment #2 from Swamp Workflow Management 2013-09-16 22:00:10 UTC --- bugbot adjusting priority -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

17 Sep 17 Sep

20:00

New subject: [Bug 840485] VUL-0: Firefox 24.0/17.0.9esr security release

bugzilla_noreply＠novell.com

20:00

New subject: [Bug 840485] VUL-0: Firefox 24.0/17.0.9esr security release

https://bugzilla.novell.com/show_bug.cgi?id=840485 https://bugzilla.novell.com/show_bug.cgi?id=840485#c4 --- Comment #4 from Bernhard Wiedemann 2013-09-17 22:00:33 CEST --- This is an autogenerated message for OBS integration: This bug (840485) was mentioned in https://build.opensuse.org/request/show/199438 Maintenance / https://build.opensuse.org/request/show/199440 Maintenance / -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

18 Sep 18 Sep

07:00

New subject: [Bug 840485] VUL-0: Firefox 24.0/17.0.9esr security release

https://bugzilla.novell.com/show_bug.cgi?id=840485 https://bugzilla.novell.com/show_bug.cgi?id=840485#c5 --- Comment #5 from Bernhard Wiedemann 2013-09-18 09:00:11 CEST --- This is an autogenerated message for OBS integration: This bug (840485) was mentioned in https://build.opensuse.org/request/show/199470 Factory / seamonkey https://build.opensuse.org/request/show/199472 12.3 / seamonkey https://build.opensuse.org/request/show/199473 12.2 / seamonkey -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

07:00

New subject: [Bug 840485] VUL-0: Firefox 24.0/17.0.9esr security release

https://bugzilla.novell.com/show_bug.cgi?id=840485 https://bugzilla.novell.com/show_bug.cgi?id=840485#c6 --- Comment #6 from Bernhard Wiedemann 2013-09-18 09:00:23 CEST --- This is an autogenerated message for OBS integration: This bug (840485) was mentioned in https://build.opensuse.org/request/show/199471 Maintenance / -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

bugzilla_noreply＠novell.com

08:12

New subject: [Bug 840485] VUL-0: Firefox 24.0/17.0.9esr security release

https://bugzilla.novell.com/show_bug.cgi?id=840485 https://bugzilla.novell.com/show_bug.cgi?id=840485#c7 --- Comment #7 from Alexander Bergmann 2013-09-18 08:12:48 UTC --- http://www.mozilla.org/en-US/firefox/17.0.9/releasenotes/

...

Fixed in Firefox ESR 17.0.9 --------------------------- MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object * (CVE-2013-1737) MFSA 2013-90 Memory corruption involving scrolling * use-after-free in mozilla::layout::ScrollbarActivity (CVE-2013-1735) * Memory corruption in nsGfxScrollFrameInner::IsLTR() (CVE-2013-1736) MFSA 2013-89 Buffer overflow with multi-column, lists, and floats * buffer overflow at nsFloatManager::GetFlowArea() with multicol, list, floats (CVE-2013-1732) MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes * compartment mismatch in nsXBLBinding::DoInitJSClass (CVE-2013-1730) MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification * MAR signature bypass in Updater could lead to downgrade (CVE-2013-1726) MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption * ABORT: bad scope for new JSObjects: 'js::IsObjectInContextCompartment(lccx.GetScopeForNewJSObjects(), cx)' under ReparentWrapper / document.open (CVE-2013-1725) MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning * Heap-use-after-free in nsAnimationManager::BuildAnimations (CVE-2013-1722) MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) * Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0 (CVE-2013-1718) * Memory safety bugs fixed in Firefox 24.0 (CVE-2013-1719) MFSA 2013-65 Buffer underflow when generating CRMF requests * ASAN heap-buffer-overflow (read 1) in cryptojs_interpret_key_gen_type (CVE-2013-1705)

https://www.mozilla.org/security/known-vulnerabilities/firefox.html

...

Fixed in Firefox 24 ------------------- MFSA 2013-92 GC hazard with default compartments and frame chain restoration * GC hazard with default compartments and frame chain restoration (CVE-2013-1738) MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object * (CVE-2013-1737) MFSA 2013-90 Memory corruption involving scrolling * use-after-free in mozilla::layout::ScrollbarActivity (CVE-2013-1735) * Memory corruption in nsGfxScrollFrameInner::IsLTR() (CVE-2013-1736) MFSA 2013-89 Buffer overflow with multi-column, lists, and floats * buffer overflow at nsFloatManager::GetFlowArea() with multicol, list, floats (CVE-2013-1732) MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes * compartment mismatch in nsXBLBinding::DoInitJSClass (CVE-2013-1730) MFSA 2013-87 Shared object library loading from writable location * Android looks for .so in public directory (CVE-2013-1731) MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers * Texture in Inspector's 3D View showing parts of the OS and other applications (CVE-2013-1729) MFSA 2013-85 Uninitialized data in IonMonkey * valgrind errors in JS testsuite ("conditional jumps on uninitialized data") (CVE-2013-1728) MFSA 2013-84 Same-origin bypass through symbolic links * Subverting Same-Origin Policy for Local Contents by Symbolic Link (CVE-2013-1727) MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification * MAR signature bypass in Updater could lead to downgrade (CVE-2013-1726) MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption * ABORT: bad scope for new JSObjects: 'js::IsObjectInContextCompartment(lccx.GetScopeForNewJSObjects(), cx)' under ReparentWrapper / document.open (CVE-2013-1725) MFSA 2013-81 Use-after-free with select element * Heap-use-after-free in mozilla::dom::HTMLFormElement::IsDefaultSubmitElement (CVE-2013-1724) MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed * NativeKey should not continue handling key message if widget is destroyed after dispatching event (CVE-2013-1723) MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning * Heap-use-after-free in nsAnimationManager::BuildAnimations (CVE-2013-1722) MFSA 2013-78 Integer overflow in ANGLE library * ANGLE libGLESv2 Integer Overflow (CVE-2013-1721) MFSA 2013-77 Improper state in HTML5 Tree Builder with templates * Heap-buffer-overflow READ in nsHtml5TreeBuilder::resetTheInsertionMode() (CVE-2013-1720) MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) * Memory safety bugs fixed in Firefox 17.0.9 and Firefox 24.0 (CVE-2013-1718) * Memory safety bugs fixed in Firefox 24.0 (CVE-2013-1719)

-- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.