Matthew Miller wrote:
> On Sat, Jun 03, 2006 at 02:36:13PM -0500, David Eisenstein wrote:
>
>>It mentions a bunch of vulnerabilities (all of which seem to affect
>>Seamonkey, Thunderbird, and Firefox). After looking at each VU#, it appears
>>that none of the announcements mention the Mozilla suite. Also, at least as
>>of last night, none of them mention any CVE #'s.
>
>
> No updates for Firefox for Fedora Core yet, either....
>
> <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194617>
>
I heard a rumor the other day that Red Hat Enterprise Linux may be planning
to replace Mozilla with Seamonkey in their currently-maintained distros. Am
wondering if there is any truth to this rumor? Also wondering if there is
anything we in Fedora Legacy can do to help in this process of dealing with
these critical Mozilla/Firefox/Seamonkey bugs?

Fedora Legacy bug for these issues:
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194440>

Congrats to Fedora Extras for getting Seamonkey packages out already! :)

Regards,
David

Hello all,

Yesterday, I received a notice from US-CERT regarding Technical Cyber
Security Alert TA06-153A -- Mozilla Products Contain Multiple
Vulnerabilities, (available at
<http://www.us-cert.gov/cas/techalerts/TA06-153A.html>).

It mentions a bunch of vulnerabilities (all of which seem to affect
Seamonkey, Thunderbird, and Firefox). After looking at each VU#, it appears
that none of the announcements mention the Mozilla suite. Also, at least as
of last night, none of them mention any CVE #'s.

What's going on with this? Are any Mozilla Suite products affected by these
vulnerabilities? Some of these sound critical -- and if there are no
patches available for mozilla-1.7.13, well, it seems bad!

"Several vulnerabilities have been reported in the Mozilla web browser
and derived products. More detailed information is available in the
individual vulnerability notes, including:

"VU#237257 - Mozilla privilege escalation using addSelectionListener

A privilege escalation vulnerability exists in the Mozilla
addSelectionListener method. This may allow a remote attacker to
execute arbitrary code.

"VU#421529 - Mozilla contains a buffer overflow vulnerability in
crypto.signText()

Mozilla products contain a buffer overflow in the crypto.signText()
method. This may allow a remote attacker to execute arbitrary code.

"VU#575969 - Mozilla may process content-defined setters on object
prototypes with elevated privileges

Mozilla allows content-defined setters on object prototypes to execute
with elevated privileges. This may allow a remote attacker to execute
arbitrary code.

"VU#243153 - Mozilla may associate persisted XUL attributes with an
incorrect URL

Mozilla can allow persisted XUL attributes to associate with the wrong
URL. This may allow a remote attacker to execute arbitrary code.

"VU#466673 - Mozilla contains multiple memory corruption
vulnerabilities

Mozilla contains several memory corruption vulnerabilities. This may
allow a remote attacker to execute arbitrary code."

-David

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193963
Summary: CVE-2006-2781 (seamonkey): DOS/arbitrary code execution
vuln with vcards
Product: Fedora Extras
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: high
Priority: high
Component: seamonkey
AssignedTo: kengert(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-list(a)redhat.com
vcard parsing related DOS/arbitrary code execution in seamonkey < 1.0.2:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2781
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193962
Summary: CVE-2006-2777 (seamonkey): remote arbitrary code
execution vulnerability
Product: Fedora Extras
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: high
Priority: high
Component: seamonkey
AssignedTo: kengert(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-list(a)redhat.com
Remote arbitrary code execution vulnerability in seamonkey < 1.0.2:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2777
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Possible security issue
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187353
lmacken(a)redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fedora-security-
| |list(a)redhat.com
------- Additional Comments From lmacken(a)redhat.com 2006-06-05 13:53 EST -------
I agree that this is an issue with NetHack and needs to be fixed. After quickly
looking around, I don't believe a patch for this has been written yet (I could
be wrong).
CC'ing fedora-security-list.
Hi again all,

More Seamonkey vulnerabilities...

From
<http://www.mozilla.org/projects/security/known-vulnerabilities.html#SeaMonk…>,
there is this list:

Fixed in SeaMonkey 1.0.2
------------------------
Critical - MFSA 2006-43 Privilege escalation using addSelectionListener
High - MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
High - MFSA 2006-41 File stealing by changing input type (variant)
Critical - MFSA 2006-40 Double-free on malformed VCard
Low - MFSA 2006-39 "View Image" local resource linking (Windows)
Critical - MFSA 2006-38 Buffer overflow in crypto.signText()
Critical - MFSA 2006-37 Remote compromise via content-defined setter on
object prototypes
Critical - MFSA 2006-35 Privilege escalation through XUL persist
Moderate - MFSA 2006-34 XSS viewing javascript: frames or images from
context menu
High - MFSA 2006-33 HTTP response smuggling
Critical - MFSA 2006-32 Fixes for crashes with potential memory corruption
Moderate - MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig,
Greasemonkey)

Similar lists exist for Firefox ("Fixed in Firefox 1.5.0.4") and
Thunderbird ("Fixed in Thunderbird 1.5.0.4") vulnerabilities on that same page.

Somehow, I suspect that if these vulnerabilities exist in Seamonkey, then
many will also exist in Mozilla-1.7.13, in Firefox-1.0.8, and
Thunderbird-1.0.8 ....

What is the Mozilla Foundation trying to do here? Make zero-day exploits
available to malware writers to use against legacy users of Mozilla-1.7.13,
Firefox-1.0.8, and Thunderbird-1.0.8 users?!? Is there any coordination
among outside maintainers of these legacy packages (since the Mozilla
foundation's official policy is that Mozilla-1.7.13 was the end of the line
for the Mozilla suite)? Should there be??

Regards,
David Eisenstein

ps: None of the detailed MFSA's linked to from the known-vulnerabilities
page that I looked at had any CVE's listed for them. Does anyone know if
any CVE's are assigned for these vulnerabilities? Also, all of the
bugzilla.mozilla.org links from the MFSA's seem to be embargoed (at least
for me). Does anyone here have access to those bug reports?

======================================================
Name: CVE-2006-2788
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2788
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20060602
Category:
Reference: CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=321598
Double-free vulnerability in the getRawDER function for nsIX509Cert in
Firefox allows remote attackers to cause a denial of service (hang)
and possibly execute arbitrary code via certain Javascript code.
======================================================
Name: CVE-2006-2786
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2786
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20060602
Category:
Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-33.html
HTTP response smuggling vulnerability in Mozilla Firefox and
Thunderbird before 1.5.0.4, when used with certain proxy servers,
allows remote attackers to cause Firefox to interpret certain
responses as if they were responses from two different sites via (1)
invalid HTTP response headers with spaces between the header name and
the colon, which might not be ignored in some cases, or (2) HTTP 1.1
headers through an HTTP 1.0 proxy, which are ignored by the proxy but
processed by the client.
======================================================
Name: CVE-2006-2787
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2787
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20060602
Category:
Reference: CONFIRM:http://www.mozilla.org/security/announce/2006/mfsa2006-31.html
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows
remote attackers to gain privileges via javascript that calls the
valueOf method on objects that were created outside of the sandbox.
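
A defensive check for vector (1) of CVE-2006-2786 above, as an added example that is not part of the original messages or of Mozilla's fix: a strict audit of a raw response head that flags any header line with whitespace between the field name and the colon, a form RFC 7230 later prohibited so that a proxy and a client cannot parse the same line differently. The function name `audit_header_block` and the sample response are constructed for illustration.

```python
import re

# Characters RFC 7230 allows in a header field-name (the "token" rule).
TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


def audit_header_block(raw: bytes):
    """Return (headers, findings) for one raw HTTP response head.

    headers  -- (lowercased name, value) pairs that parsed strictly
    findings -- (line number, reason, line) for lines a strict parser
                must not accept or silently reinterpret
    """
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    headers, findings = [], []
    for n, line in enumerate(lines[1:], start=2):  # line 1 is the status line
        name, sep, value = line.partition(":")
        if not sep:
            findings.append((n, "no colon in header line", line))
        elif name != name.rstrip(" \t"):
            # The malformed form described in CVE-2006-2786, vector (1).
            findings.append((n, "whitespace between field name and colon", line))
        elif not TOKEN.match(name):
            findings.append((n, "invalid field name", line))
        else:
            headers.append((name.lower(), value.strip(" \t")))
    return headers, findings


# Constructed sample: one header carries a space before the colon.
SAMPLE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length : 0\r\n"
    b"Server: example\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    parsed, problems = audit_header_block(SAMPLE)
    for lineno, reason, text in problems:
        print(f"line {lineno}: {reason}: {text!r}")
    print("strictly parsed:", parsed)
```

A proxy or log pipeline can treat any non-empty `findings` list as grounds to reject or quarantine the response rather than forward it.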