* Patches for several vulnerabilities, taken from Debian's DSA. Thanks a million to Alexander Sack <asac> for backporting them! + CVE-2006-2787 : mozilla-1.7.13-001-mfsa2006-31-319263-336601-336313.patch + CVE-2006-2786 1/2 : mozilla-1.7.13-002-mfsa2006-33-Part-1-2-329746.patch + CVE-2006-2786 2/2 : mozilla-1.7.13-003-mfsa2006-33-Part-2-2-330214.patch + CVE-2006-2785 2/2 : mozilla-1.7.13-004-mfsa2006-34-Part2-2-329521-suite.patch + CVE-2006-2775 : mozilla-1.7.13-005-mfsa2006-35-329677.patch mozilla-1.7.13-023-mfsa2006-35-335142-regression-1-2-for-329677.patch mozilla-1.7.13-024-mfsa2006-35-337841-regression-part-2-2-for-329677.patch + CVE-2006-2784 : mozilla-1.7.13-006-mfsa2006-36-330037.patch + CVE-2006-2776 : mozilla-1.7.13-007-mfsa2006-37-330773-with-belt-and-braces.patch + CVE-2006-2778 : mozilla-1.7.13-008-mfsa2006-38-330897.patch + CVE-2006-1942 : mozilla-1.7.13-009-mfsa2006-39-CVE-2006-1942-334341-suite.patch + CVE-2006-2781 : mozilla-1.7.13-010-mfsa2006-40-334384.patch + CVE-2006-2782 : mozilla-1.7.13-011-mfsa2006-41-334977.patch + CVE-2006-2783 : mozilla-1.7.13-012-mfsa2006-42-335816.patch + CVE-2006-2777 : mozilla-1.7.13-013-mfsa2006-43-336830.patch + CVE-2006-2779 3/6 : mozilla-1.7.13-014-mfsa2006-32-Part-3-7-326501.patch + CVE-2006-2779 4/6 : mozilla-1.7.13-015-mfsa2006-32-Part-4a-7-326931.patch + CVE-2006-2785 2/2 : mozilla-1.7.13-015-mfsa2006-34-Part-1-2-xpfe-329468-suite.patch + CVE-2006-2779 4/6 : mozilla-1.7.13-016-mfsa2006-32-Part-4b-7-329219.patch + CVE-2006-2779 4/6 : mozilla-1.7.13-017-mfsa2006-32-Part-4c-7-330818-proper-aviary.patch + CVE-2006-2779 6/6 : mozilla-1.7.13-018-mfsa2006-32-Part-6-7-332971.patch + CVE-2006-2780 : mozilla-1.7.13-019-mfsa2006-32-Part-7.7-js-src-jsstr.c-335535.patch + CVE-2006-2779 5/6 : mozilla-1.7.13-021-mfsa2006-32-Part-5-7-327712.patch * Note: CVE-2006-2779 (mfsa2006-32) is only partially fixed. Missing are tricky parts 1/6 and 2/6 from advisory: 1/6: Removing nested <option>s from a select (Jesse Ruderman) https://bugzilla.mozilla.org/show_bug.cgi?id=324918 2/6: 'Crashes during DOMNodeRemoved mutation event' https://bugzilla.mozilla.org/show_bug.cgi?id=325730 https://bugzilla.mozilla.org/show_bug.cgi?id=329982
Created attachment 133268 [details] mozilla-1.7.13 security patches
This report targets the FC3 or FC4 products, which have now been EOL'd. Could you please check that it still applies to a current Fedora release, and either update the target product or close it ? Thanks.
fixed upstream (seamonkey/firefox/thunderbird) ...