This was originally bug 194617, until Bugzilla barfed yesterday. Entering it again... Summary: CVE-2006-2779 Multiple Mozilla issues (CVE-2006-2781, CVE-2006-2788) Product: Fedora Core Version: fc5 Platform: All OS/Version: Linux Status: NEW Severity: urgent Priority: normal Component: firefox AssignedTo: caillon ReportedBy: mattdm CC: deisenst,wtogami This issue also affects Fedora Core 5. A lot of the problems fixed in 1.5.0.4 don't seem that severe, but a few of these are serious enough to at least turn some heads. And it's been public for a quite a while now. +++ This bug was initially created as a clone of Bug #193906 +++ Text stolen from MITRE: CVE-2006-2781 Double-free vulnerability in Mozilla Thunderbird before 1.5.0.4 and SeaMonkey before 1.0.2 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a VCard that contains invalid base64 characters. CVE-2006-2779 Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption. -- Additional comment from bressers on 2006-06-02 16:22 EST -- These issues also affect RHEL2.1 and RHEL3 -- Additional comment from bressers on 2006-06-02 16:34 EST -- Also this issue: CVE-2006-2788 Double-free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.
------- Additional Comments From mattdm 2006-06-12 10:39 EST ------- Removing dependency on bug #193906, since that's really a separate issue since it requires backports. I still don't see an update for this even in the testing tree.
Kai, Dennis -- I understand you were working on rolling firefox &/or thunderbird packages yesterday for 1.5.0.4. How is that coming along?
some trouble with build system, hope to have it done by tomorrow. tb is already out on rawhide
*** Bug 195315 has been marked as a duplicate of this bug. ***
ff and tb 1.5.0.4 have been released on fc5 and rawhide
thanks!