Bug 635659

Summary: Firefox at V.3.6.7 has known security bugs, all the while 3 newer versions were released over a period of 54 days.
Product: Fedora
Component: firefox
Version: 13
Reporter: Bram... <rgvtaerdy>
Assignee: Martin Stransky <stransky>
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Status: CLOSED ERRATA
Severity: urgent
Priority: low
Hardware: All
OS: Linux
CC: casmls, gecko-bugs-nobody, jan.kratochvil, jonathan.rushdoony, nsoranzo, sanjay.ankur, stransky
Fixed In Version: firefox-3.6.10-1.fc13
Doc Type: Bug Fix
Last Closed: 2010-09-23 04:56:16 UTC

Description Bram... 2010-09-20 13:16:16 UTC
We are stuck with Firefox at 3.6.7 that has known security bugs, all
the while 3 newer versions were released over a period of 54 days.


v.3.6.10, released September 15th:

Fixed a single stability issue affecting a limited number of users

v.3.6.9, released September 7th, 2010

MFSA 2010-63 Information leak via XMLHttpRequest statusText
MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type attribute
MFSA 2010-59 SJOW creates scope chains ending in outer object
MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
MFSA 2010-57 Crash and remote code execution in normalizeDocument
MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-55 XUL tree removal crash and remote code execution
MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
MFSA 2010-52 Windows XP DLL loading vulnerability
MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
MFSA 2010-50 Frameset integer overflow vulnerability
MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)

v.3.6.8, released July 23rd, 2010

MFSA 2010-48 Dangling pointer crash regression from plugin parameter array fix

This should be promptly corrected!

Bram.

Comment 1 Martin Stransky 2010-09-20 13:50:25 UTC
It's going to be updated to 3.6.10 soon.

Comment 3 Fedora Update System 2010-09-22 11:34:17 UTC
galeon-2.0.7-33.fc13,firefox-3.6.10-1.fc13,xulrunner-1.9.2.10-1.fc13,gnome-python2-extras-2.25.3-22.fc13,gnome-web-photo-0.9-12.fc13,mozvoikko-1.0-14.fc13,perl-Gtk2-MozEmbed-0.08-6.fc13.17 has been submitted as an update for Fedora 13.
https://admin.fedoraproject.org/updates/galeon-2.0.7-33.fc13,firefox-3.6.10-1.fc13,xulrunner-1.9.2.10-1.fc13,gnome-python2-extras-2.25.3-22.fc13,gnome-web-photo-0.9-12.fc13,mozvoikko-1.0-14.fc13,perl-Gtk2-MozEmbed-0.08-6.fc13.17

Comment 4 Jonathan Rushdoony 2010-09-23 03:06:53 UTC
Firefox 3.6.9 has been in updates-candidate since 9/8.  While it's good to read here that 3.6.10 will be available soon, Mozilla identified "critical" security vulnerabilities in 3.6.7.  Fedora should have provided Firefox 3.6.9 promptly to Fedora users.  Releasing 3.6.9 and then working on 3.6.10 aren't mutually exclusive.  My thanks to the user who reported this as a bug on 9/20.

Comment 5 Fedora Update System 2010-09-23 04:56:11 UTC
galeon-2.0.7-33.fc13, firefox-3.6.10-1.fc13, xulrunner-1.9.2.10-1.fc13, gnome-python2-extras-2.25.3-22.fc13, gnome-web-photo-0.9-12.fc13, mozvoikko-1.0-14.fc13, perl-Gtk2-MozEmbed-0.08-6.fc13.17 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.