firefox 1.0.8-0ubuntu5.10.1 source package in Ubuntu
Changelog
firefox (1.0.8-0ubuntu5.10.1) breezy-security; urgency=low
Security fix from Eric Dorland:
* content/xul/templates/src/nsXULContentUtils.cpp,
content/xul/templates/src/nsXULSortService.cpp: A couple of patches
from Alexander Sack to fix regressions caused by the previous security
fixes.
All security fixes prepared by Alexander Sack:
* js/src/jsfun.c, js/src/jsinterp.c,
netwerk/base/src/nsProxyAutoConfig.js: Fix for CVE-2006-2787, aka
mfsa2006-31.
* netwerk/protocol/http/src/nsHttp.cpp,
netwerk/protocol/http/src/nsHttp.h,
netwerk/protocol/http/src/nsHttpChannel.cpp,
netwerk/protocol/http/src/nsHttpHeaderArray.cpp,
netwerk/protocol/http/src/nsHttpTransaction.cpp: Fix for
CVE-2006-2786, aka mfsa2006-33.
* browser/base/content/browser.js,
xpfe/browser/resources/content/nsBrowserStatusHandler.js,
xpfe/communicator/resources/content/nsContextMenu.js,
xpfe/communicator/resources/content/utilityOverlay.js: Fix for "XSS
viewing javascript: frames or images from context menu", CVE-2006-2785
aka mfsa2006-34.
* content/xul/document/src/nsXULDocument.cpp,
content/xul/templates/src/nsXULContentUtils.cpp,
content/xul/templates/src/nsXULContentUtils.h,
content/xul/templates/src/nsXULSortService.cpp: Fix for "Privilege
escalation through XUL persist", CVE-2006-2775 aka mfsa2006-35.
* caps/src/nsScriptSecurityManager.cpp: Fix for "PLUGINSPAGE privileged
JavaScript execution II", CVE-2006-2784 aka mfsa2006-36.
* dom/src/base/nsDOMClassInfo.cpp, dom/src/base/nsGlobalWindow.cpp: Fix
for "Remote compromise via content-defined setter on object
prototypes", CVE-2006-2776 aka mfsa2006-37.
* security/manager/ssl/src/nsCrypto.cpp: Fix for "Buffer overflow in
crypto.signText()", CVE-2006-2778 aka mfsa2006-38.
* browser/base/content/contentAreaUtils.js,
caps/src/nsScriptSecurityManager.cpp: Fix for ""View Image" local
resource linking (Windows)", CVE-2006-1942 aka mfsa2006-39.
* content/html/content/public/Makefile.in,
content/html/content/public/nsIFileControlElement.h,
content/html/content/src/nsHTMLInputElement.cpp,
content/shared/public/nsHTMLAtomList.h,
layout/html/forms/src/nsFileControlFrame.cpp,
layout/html/forms/src/nsFileControlFrame.h: Fix for "File stealing by
changing input type (variant)", CVE-2006-2782 aka mfsa2006-41.
* intl/uconv/src/nsUTF8ToUnicode.cpp, intl/uconv/src/nsUTF8ToUnicode.h:
Fix for " Web site XSS using BOM on UTF-8 pages", CVE-2006-2783 aka
mfsa2006-42.
* modules/libpref/src/init/all.js: Fix for "Privilege escalation using
addSelectionListener", CVE-2006-2777 aka mfsa2006-43.
* content/base/public/nsContentUtils.h,
content/base/src/nsContentUtils.cpp,
content/xul/templates/src/nsXULTreeBuilder.cpp,
layout/xul/base/src/tree/public/nsITreeView.idl,
layout/xul/base/src/tree/src/nsTreeBoxObject.cpp,
layout/xul/base/src/tree/src/nsTreeContentView.h,
content/base/src/nsDocument.cpp, layout/xul/base/src/nsBoxObject.cpp,
content/html/document/src/nsHTMLContentSink.cpp, js/src/jsstr.c,
content/xbl/src/nsXBLProtoImplProperty.cpp: Various patches for
CVE-2006-2779 and CVE-2006-2780 aka mfsa2006-32. Note that this fix is
incomplete, and is missing the fixes from bz#324918, bz#325730 and
bz#329982
-- Ian Jackson <email address hidden> Mon, 24 Jul 2006 11:56:36 +0100
Upload details
- Uploaded by:
- Ian Jackson
- Uploaded to:
- Breezy
- Original maintainer:
- Eric Dorland
- Architectures:
- any
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| firefox_1.0.8.orig.tar.gz | 39.6 MiB | 7973393dc00b89bb4d0f5e3e3d253cfe1ba87868c6a181ebaf2aeb48dca92369 |
| firefox_1.0.8-0ubuntu5.10.1.diff.gz | 835.1 KiB | 81e8906789c9edf8b5c78265f0a2eb6f42d4061dfc90d851556bebd1530ef2df |
| firefox_1.0.8-0ubuntu5.10.1.dsc | 998 bytes | 4b2d19bef90aa7da20a3b11f177dca0b173bfabd9fba0c2a143c990c951f8b45 |
Binary packages built by this source
- firefox: No summary available for firefox in ubuntu breezy.
No description available for firefox in ubuntu breezy.
- firefox-dev: No summary available for firefox-dev in ubuntu breezy.
No description available for firefox-dev in ubuntu breezy.
- firefox-dom-inspector: No summary available for firefox-dom-inspector in ubuntu breezy.
No description available for firefox-
dom-inspector in ubuntu breezy.
- firefox-gnome-support: No summary available for firefox-gnome-support in ubuntu breezy.
No description available for firefox-
gnome-support in ubuntu breezy.
- mozilla-firefox: No summary available for mozilla-firefox in ubuntu breezy.
No description available for mozilla-firefox in ubuntu breezy.
- mozilla-firefox-dev: No summary available for mozilla-firefox-dev in ubuntu breezy.
No description available for mozilla-firefox-dev in ubuntu breezy.
