firefox 1.0.8-0ubuntu5.10.1 source package in Ubuntu
Changelog
firefox (1.0.8-0ubuntu5.10.1) breezy-security; urgency=low Security fix from Eric Dorland: * content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULSortService.cpp: A couple of patches from Alexander Sack to fix regressions caused by the previous security fixes. All security fixes prepared by Alexander Sack: * js/src/jsfun.c, js/src/jsinterp.c, netwerk/base/src/nsProxyAutoConfig.js: Fix for CVE-2006-2787, aka mfsa2006-31. * netwerk/protocol/http/src/nsHttp.cpp, netwerk/protocol/http/src/nsHttp.h, netwerk/protocol/http/src/nsHttpChannel.cpp, netwerk/protocol/http/src/nsHttpHeaderArray.cpp, netwerk/protocol/http/src/nsHttpTransaction.cpp: Fix for CVE-2006-2786, aka mfsa2006-33. * browser/base/content/browser.js, xpfe/browser/resources/content/nsBrowserStatusHandler.js, xpfe/communicator/resources/content/nsContextMenu.js, xpfe/communicator/resources/content/utilityOverlay.js: Fix for "XSS viewing javascript: frames or images from context menu", CVE-2006-2785 aka mfsa2006-34. * content/xul/document/src/nsXULDocument.cpp, content/xul/templates/src/nsXULContentUtils.cpp, content/xul/templates/src/nsXULContentUtils.h, content/xul/templates/src/nsXULSortService.cpp: Fix for "Privilege escalation through XUL persist", CVE-2006-2775 aka mfsa2006-35. * caps/src/nsScriptSecurityManager.cpp: Fix for "PLUGINSPAGE privileged JavaScript execution II", CVE-2006-2784 aka mfsa2006-36. * dom/src/base/nsDOMClassInfo.cpp, dom/src/base/nsGlobalWindow.cpp: Fix for "Remote compromise via content-defined setter on object prototypes", CVE-2006-2776 aka mfsa2006-37. * security/manager/ssl/src/nsCrypto.cpp: Fix for "Buffer overflow in crypto.signText()", CVE-2006-2778 aka mfsa2006-38. * browser/base/content/contentAreaUtils.js, caps/src/nsScriptSecurityManager.cpp: Fix for ""View Image" local resource linking (Windows)", CVE-2006-1942 aka mfsa2006-39. * content/html/content/public/Makefile.in, content/html/content/public/nsIFileControlElement.h, content/html/content/src/nsHTMLInputElement.cpp, content/shared/public/nsHTMLAtomList.h, layout/html/forms/src/nsFileControlFrame.cpp, layout/html/forms/src/nsFileControlFrame.h: Fix for "File stealing by changing input type (variant)", CVE-2006-2782 aka mfsa2006-41. * intl/uconv/src/nsUTF8ToUnicode.cpp, intl/uconv/src/nsUTF8ToUnicode.h: Fix for " Web site XSS using BOM on UTF-8 pages", CVE-2006-2783 aka mfsa2006-42. * modules/libpref/src/init/all.js: Fix for "Privilege escalation using addSelectionListener", CVE-2006-2777 aka mfsa2006-43. * content/base/public/nsContentUtils.h, content/base/src/nsContentUtils.cpp, content/xul/templates/src/nsXULTreeBuilder.cpp, layout/xul/base/src/tree/public/nsITreeView.idl, layout/xul/base/src/tree/src/nsTreeBoxObject.cpp, layout/xul/base/src/tree/src/nsTreeContentView.h, content/base/src/nsDocument.cpp, layout/xul/base/src/nsBoxObject.cpp, content/html/document/src/nsHTMLContentSink.cpp, js/src/jsstr.c, content/xbl/src/nsXBLProtoImplProperty.cpp: Various patches for CVE-2006-2779 and CVE-2006-2780 aka mfsa2006-32. Note that this fix is incomplete, and is missing the fixes from bz#324918, bz#325730 and bz#329982 -- Ian Jackson <email address hidden> Mon, 24 Jul 2006 11:56:36 +0100
Upload details
- Uploaded by:
- Ian Jackson
- Uploaded to:
- Breezy
- Original maintainer:
- Eric Dorland
- Architectures:
- any
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
firefox_1.0.8.orig.tar.gz | 39.6 MiB | 7973393dc00b89bb4d0f5e3e3d253cfe1ba87868c6a181ebaf2aeb48dca92369 |
firefox_1.0.8-0ubuntu5.10.1.diff.gz | 835.1 KiB | 81e8906789c9edf8b5c78265f0a2eb6f42d4061dfc90d851556bebd1530ef2df |
firefox_1.0.8-0ubuntu5.10.1.dsc | 998 bytes | 4b2d19bef90aa7da20a3b11f177dca0b173bfabd9fba0c2a143c990c951f8b45 |
Binary packages built by this source
- firefox: No summary available for firefox in ubuntu breezy.
No description available for firefox in ubuntu breezy.
- firefox-dev: No summary available for firefox-dev in ubuntu breezy.
No description available for firefox-dev in ubuntu breezy.
- firefox-dom-inspector: No summary available for firefox-dom-inspector in ubuntu breezy.
No description available for firefox-
dom-inspector in ubuntu breezy.
- firefox-gnome-support: No summary available for firefox-gnome-support in ubuntu breezy.
No description available for firefox-
gnome-support in ubuntu breezy.
- mozilla-firefox: No summary available for mozilla-firefox in ubuntu breezy.
No description available for mozilla-firefox in ubuntu breezy.
- mozilla-firefox-dev: No summary available for mozilla-firefox-dev in ubuntu breezy.
No description available for mozilla-firefox-dev in ubuntu breezy.