Bug 1025 - [UPDATE REQUEST] firefox-10.0.10
: [UPDATE REQUEST] firefox-10.0.10
Status: RESOLVED FIXED
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Main Packages
: Marathon
: All Linux
: Normal normal
: ---
Assigned To: ROSA Linux Bugs
: ROSA Linux Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-10-28 19:23 MSK by Aleksandr Kazantcev
Modified: 2012-11-12 12:01 MSK (History)
2 users (show)

See Also:
RPM Package: firefox-10.0.10-1.src.rpm, firefox-l10n-10.0.10-1.src.rpm
ISO-related:
Bad POT generating:
Upstream:
alexander.petryakov: qa_verified+
alex.burmashev: published+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Aleksandr Kazantcev 2012-10-28 19:23:16 MSK
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
Comment 1 Aleksandr Kazantcev 2012-10-28 19:29:29 MSK
https://abf.rosalinux.ru/build_lists/838980
https://abf.rosalinux.ru/build_lists/839005

https://abf.rosalinux.ru/build_lists/838996
https://abf.rosalinux.ru/build_lists/839006

advisory: This is security and bugfix update for ESR version Firefox. Thince 10.0.7 will be
Fixed in Firefox ESR 10.0.10
- MFSA 2012-90 Fixes for Location object issues
Fixed in Firefox ESR 10.0.9
- MFSA 2012-89 defaultValue security checks not applied
Fixed in Firefox ESR 10.0.8
- MFSA 2012-87 Use-after-free in the IME State Manager
- MFSA 2012-86 Heap memory corruption issues found using Address Sanitizer
- MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer
- MFSA 2012-84 Spoofing and script injection through location.hash
- MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties
- MFSA 2012-82 top object and location property accessible by plugins
- MFSA 2012-81 GetProperty function can bypass security checks
- MFSA 2012-79 DOS and crash with full screen and history navigation
- MFSA 2012-77 Some DOMWindowUtils methods bypass security checks
- MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8)
- MFSA 2012-59 Location object can be shadowed using Object.defineProperty
Comment 2 Alexander Petryakov 2012-11-06 01:05:28 MSK
firefox-10.0.10-1
firefox-l10n-10.0.10-1
************** Advisory **************
advisory: This is security and bugfix update for ESR version Firefox
**************************************
QA Verified