On Mon, 2006-04-17 at 10:24 -0500, David Eisenstein wrote:
> Hi Folks,
>
> Over the (HOLIDAY!) weekend, Mozilla released a new Firefox (1.0.8) fixing
> a set of critical vulnerabilities. The upstream (mozilla.org) chose
> *not*, however, to release the Mozilla code for 1.7.13 yet, but I am told
> that the updated Mozilla will be released officially in the near future.
> We may, however, be able to get our hands on the sources before then and
> get it in the pipeline for QA and such.
>
> Some of the critical issues (potential remotely exploited code execution)
> can be mitigated by turning off Javascript, but not all, as there is one
> issue that I am told that can be triggered by HTML tags. From MFSA
> 2006-18 <http://www.mozilla.org/security/announce/2006/mfsa2006-18.html>,
> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749>:
>
> "A particular sequence of HTML tags that reliably crash Mozilla clients
> was reported by an anonymous researcher via TippingPoint and the Zero
> Day Initiative. The crash is due to memory corruption that can be
> exploited to run arbitrary code.
>
> "Mozilla mail clients will crash on the tag sequence, but without the
> ability to run scripts to fill memory with the attack code it may not
> be possible for an attacker to exploit this crash."
>
> These issues affect Mozilla Firefox and Thunderbird 1.x before 1.5 and
> 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0,
> according to CVE-2006-0749.
>
> Be careful out there! We'll get these out for Legacy as soon as we can.

Updates have been announced for Fedora Core 4 and Fedora Core 5. It
should be easy enough to rebuild it and provide them for Fedora Legacy.

Rahul