Bug#304922: mozilla-browser: Multiple Security Issues

Juergen Kreileder Sat, 16 Apr 2005 07:54:28 -0700

Package: mozilla-browser
Version: 2:1.7.6-1
Severity: grave
Tags: security

Mozilla 1.7.7 fixes seven security issues, according to
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla
two have critical severity and one has high severity:


MFSA 2005-33 Javascript "lambda" replace exposes memory contents
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: powerpc (ppc64)
Kernel: Linux 2.6.12-rc2-mm3
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages mozilla-browser depends on:
ii  debconf                  1.4.48          Debian configuration management sy
ii  libatk1.0-0              1.8.0-4         The ATK accessibility toolkit
ii  libc6                    2.3.2.ds1-20    GNU C Library: Shared libraries an
ii  libfontconfig1           2.3.1-2         generic font configuration library
ii  libfreetype6             2.1.7-2.3       FreeType 2 font engine, shared lib
ii  libgcc1                  1:3.4.3-12      GCC support library
ii  libglib2.0-0             2.6.4-1         The GLib library of C routines
ii  libgtk2.0-0              2.6.4-1         The GTK+ graphical user interface 
ii  libkrb53                 1.3.6-2         MIT Kerberos runtime libraries
ii  libnspr4                 2:1.7.6-1       Netscape Portable Runtime Library
ii  libpango1.0-0            1.8.1-1         Layout and rendering of internatio
ii  libstdc++5               1:3.3.5-12      The GNU Standard C++ Library v3
ii  libx11-6                 4.3.0.dfsg.1-12 X Window System protocol client li
ii  libxext6                 4.3.0.dfsg.1-12 X Window System miscellaneous exte
ii  libxft2                  2.1.7-1         FreeType-based font drawing librar
ii  libxp6                   4.3.0.dfsg.1-12 X Window System printing extension
ii  libxrender1              0.8.3-7         X Rendering Extension client libra
ii  libxt6                   4.3.0.dfsg.1-12 X Toolkit Intrinsics
ii  psmisc                   21.6-1          Utilities that use the proc filesy
ii  xlibs                    4.3.0.dfsg.1-12 X Keyboard Extension (XKB) configu
ii  zlib1g                   1:1.2.2-4       compression library - runtime

-- debconf information:
* mozilla/dsp: esddsp
* mozilla/locale_auto: true
* mozilla/prefs_note:


        Juergen

-- 
Juergen Kreileder, Blackdown Java-Linux Team
http://blog.blackdown.de/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#304922: mozilla-browser: Multiple Security Issues

Reply via email to