Bug 157348

Summary: CAN-2005-1476 Multiple Firefox issues (CAN-2005-1477 CAN-2005-1531 CAN-2005-1532)
Product: [Fedora] Fedora Reporter: Josh Bressers <bressers>
Component: firefoxAssignee: Christopher Aillon <caillon>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 3CC: mattdm, security-response-team, wtogami
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=important,embargoed=yes,source=mozilla,reported=20050509
Fixed In Version: 1.0.7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-06-14 12:42:20 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Josh Bressers 2005-05-10 20:19:41 UTC 
+++ This bug was initially created as a clone of Bug #157347 +++

Firefix 1.0.4 is going to be released, it fixes a number of issues.

        Upstream is fixing the following bugzilla.mozilla.org bugs:
        292691 (CAN-2005-1476 CAN-2005-1477)
            Potential for full compromise.  It seems we're not very affected.
            impact=moderate

        290908
            Javascript can gain chrome access
            impact=important

        290949
            link tag can give javascript chrome access
            impact=moderate
Comment 1 Josh Bressers 2006-06-14 12:42:20 UTC 
------- Additional Comments From mattdm  2006-06-12 10:37 EST -------
I'm not sure if this was ever directly fixed, but packages for 1.0.7 and 1.0.8
were released and that should cover these.