Bug 200594 - mozilla security patches for various products including legacy
Summary: mozilla security patches for various products including legacy
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Fedora
Classification: Fedora
Component: mozilla
Version: 4
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Christopher Aillon
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-07-28 20:48 UTC by jens.koerber
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-01-23 23:18:19 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)
mozilla-1.7.13 security patches (22.13 KB, application/octet-stream)
2006-07-28 20:48 UTC, jens.koerber 		no flags Details
View All

Description jens.koerber 2006-07-28 20:48:46 UTC 
* Patches for several vulnerabilities, taken from Debian's DSA. Thanks a
    million to Alexander Sack <asac> for backporting them!
    + CVE-2006-2787     : mozilla-1.7.13-001-mfsa2006-31-319263-336601-336313.patch
    + CVE-2006-2786 1/2 : mozilla-1.7.13-002-mfsa2006-33-Part-1-2-329746.patch
    + CVE-2006-2786 2/2 : mozilla-1.7.13-003-mfsa2006-33-Part-2-2-330214.patch
    + CVE-2006-2785 2/2 : mozilla-1.7.13-004-mfsa2006-34-Part2-2-329521-suite.patch
    + CVE-2006-2775     : mozilla-1.7.13-005-mfsa2006-35-329677.patch
                         
mozilla-1.7.13-023-mfsa2006-35-335142-regression-1-2-for-329677.patch
                         
mozilla-1.7.13-024-mfsa2006-35-337841-regression-part-2-2-for-329677.patch 
    + CVE-2006-2784     : mozilla-1.7.13-006-mfsa2006-36-330037.patch
    + CVE-2006-2776     :
mozilla-1.7.13-007-mfsa2006-37-330773-with-belt-and-braces.patch
    + CVE-2006-2778     : mozilla-1.7.13-008-mfsa2006-38-330897.patch
    + CVE-2006-1942     :
mozilla-1.7.13-009-mfsa2006-39-CVE-2006-1942-334341-suite.patch
    + CVE-2006-2781     : mozilla-1.7.13-010-mfsa2006-40-334384.patch
    + CVE-2006-2782     : mozilla-1.7.13-011-mfsa2006-41-334977.patch
    + CVE-2006-2783     : mozilla-1.7.13-012-mfsa2006-42-335816.patch
    + CVE-2006-2777     : mozilla-1.7.13-013-mfsa2006-43-336830.patch
    + CVE-2006-2779 3/6 : mozilla-1.7.13-014-mfsa2006-32-Part-3-7-326501.patch
    + CVE-2006-2779 4/6 : mozilla-1.7.13-015-mfsa2006-32-Part-4a-7-326931.patch
    + CVE-2006-2785 2/2 :
mozilla-1.7.13-015-mfsa2006-34-Part-1-2-xpfe-329468-suite.patch
    + CVE-2006-2779 4/6 : mozilla-1.7.13-016-mfsa2006-32-Part-4b-7-329219.patch
    + CVE-2006-2779 4/6 :
mozilla-1.7.13-017-mfsa2006-32-Part-4c-7-330818-proper-aviary.patch
    + CVE-2006-2779 6/6 : mozilla-1.7.13-018-mfsa2006-32-Part-6-7-332971.patch
    + CVE-2006-2780     :
mozilla-1.7.13-019-mfsa2006-32-Part-7.7-js-src-jsstr.c-335535.patch
    + CVE-2006-2779 5/6 : mozilla-1.7.13-021-mfsa2006-32-Part-5-7-327712.patch
  * Note: CVE-2006-2779 (mfsa2006-32) is only partially fixed. Missing are
    tricky parts 1/6 and 2/6 from advisory:
     1/6: Removing nested <option>s from a select (Jesse Ruderman)
       https://bugzilla.mozilla.org/show_bug.cgi?id=324918
     2/6: 'Crashes during DOMNodeRemoved mutation event'
       https://bugzilla.mozilla.org/show_bug.cgi?id=325730
       https://bugzilla.mozilla.org/show_bug.cgi?id=329982
Comment 1 jens.koerber 2006-07-28 20:48:46 UTC 
Created attachment 133268 [details]
mozilla-1.7.13 security patches
Comment 2 Christian Iseli 2007-01-22 11:27:18 UTC 
This report targets the FC3 or FC4 products, which have now been EOL'd.

Could you please check that it still applies to a current Fedora release, and
either update the target product or close it ?

Thanks.
Comment 3 jens.koerber 2007-01-23 23:18:19 UTC 
fixed upstream (seamonkey/firefox/thunderbird) ...
Note You need to log in before you can comment on or make changes to this bug.