Bug 165974 - CAN-2004-1380 tab stealing issue
CAN-2004-1380 tab stealing issue
Status: CLOSED INSUFFICIENT_DATA
Product: Fedora
Classification: Fedora
Component: epiphany (Show other bugs)
3
All Linux
medium Severity high
: ---
: ---
Assigned To: Christopher Aillon
http://live.gnome.org/Epiphany_2fSecu...
impact=important,public=20050120
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-15 09:27 EDT by Josh Bressers
Modified: 2007-11-30 17:11 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-08-28 11:04:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2005-08-15 09:27:40 EDT
Epiphany is vulnerable to the Mozilla tab information stealing issues. Epiphany
also shows the wrong certificate information
http://live.gnome.org/Epiphany_2fSecurityFixes
Comment 1 Josh Bressers 2005-08-15 09:28:24 EDT
The epiphany shipped in FC4 is not vulnerable to this issue.
Comment 2 Marco Pesenti Gritti 2005-08-17 09:33:03 EDT
Epiphany 1.6.3 was still vulnerable to text entry issues so I built an update to
1.6.5.

Still need to update FC3 to 1.4.4 and add a patch for text entry focus.
Comment 3 Marco Pesenti Gritti 2005-08-18 05:18:05 EDT
I built an update for FC3.
Comment 4 Fedora Update System 2005-08-24 14:00:37 EDT
From User-Agent: XML-RPC

epiphany-1.4.9-1 has been pushed for FC3, which should resolve this issue.

If these issues are still present in this version, then please re-open this bug.
Comment 5 Matthew Miller 2006-07-10 16:34:32 EDT
Fedora Core 3 is now maintained by the Fedora Legacy project for security
updates only. If this problem is a security issue, please reopen and
reassign to the Fedora Legacy product. If it is not a security issue and
hasn't been resolved in the current FC5 updates or in the FC6 test
release, reopen and change the version to match.

Thank you!
Comment 6 Matěj Cepl 2007-07-18 13:24:40 EDT
Distribution against which this bug was reported is no longer supported; could
you please reproduce this with the updated version of the currently supported
distribution (Fedora Core 6, or Fedora 7, or Rawhide)? If this issue turns out
to still be reproducible, please let us know in this bug report.  If after a
month's time we have not heard back from you, we will have to close this bug as
CANTFIX.

Setting status to NEEDINFO, and awaiting information from the reporter.

Thanks in advance.
Comment 7 Matěj Cepl 2007-08-28 11:04:21 EDT
We haven't got any reply to the last question about reproducability of the bug
with Fedora Core 6, Fedora 7, or Fedora devel. Mass closing this bug, so if you
have new information that would help us fix this bug, please reopen it with the
additional information.

Note You need to log in before you can comment on or make changes to this bug.