[Secure-testing-commits] r1706 - in data/DTSA: . advs

Joey Hess joeyh at costa.debian.org
Sun Aug 28 20:00:43 UTC 2005


Author: joeyh
Date: 2005-08-28 20:00:41 +0000 (Sun, 28 Aug 2005)
New Revision: 1706

Added:
   data/DTSA/DTSA-9-1
   data/DTSA/advs/9-mozilla-thunderbird.adv
Modified:
   data/DTSA/list
Log:
and thunderbird


Added: data/DTSA/DTSA-9-1
===================================================================
--- data/DTSA/DTSA-9-1	2005-08-28 19:59:20 UTC (rev 1705)
+++ data/DTSA/DTSA-9-1	2005-08-28 20:00:41 UTC (rev 1706)
@@ -0,0 +1,87 @@
+------------------------------------------------------------------------------
+Debian Testing Security Advisory DTSA-9-1     http://secure-testing.debian.net
+secure-testing-team at lists.alioth.debian.org                          Joey Hess
+August 28th, 2005
+------------------------------------------------------------------------------
+
+Package        : mozilla-thunderbird
+Vulnerability  : several vulnerabilities
+Problem-Scope  : remote
+Debian-specific: No
+CVE ID         : CAN-2005-0989 CAN-2005-1159 CAN-2005-1160 CAN-2005-1532 CAN-2005-2261 CAN-2005-2265 CAN-2005-2266 CAN-2005-2269 CAN-2005-2270 
+
+Several problems have been discovered in Mozilla Thunderbird, the standalone
+mail client of the Mozilla suite. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+
+CAN-2005-0989
+
+Remote attackers could read portions of heap memory into a Javascript string
+via the lambda replace method.
+
+CAN-2005-1159
+
+The Javascript interpreter could be tricked to continue execution at the
+wrong memory address, which may allow attackers to cause a denial of service
+(application crash) and possibly execute arbitrary code.
+
+CAN-2005-1160
+
+Remote attackers could override certain properties or methods of DOM nodes
+and gain privileges.
+
+CAN-2005-1532
+
+Remote attackers could override certain properties or methods due to missing
+proper limitation of Javascript eval and Script objects and gain privileges.
+
+CAN-2005-2261
+
+XML scripts ran even when Javascript was disabled.
+
+CAN-2005-2265
+
+Missing input sanitising of InstallVersion.compareTo() can cause the
+application to crash.
+
+CAN-2005-2266
+
+Remote attackers could steal sensitive information such as cookies and
+passwords from web sites by accessing data in alien frames.
+
+CAN-2005-2269
+
+Remote attackers could modify certain tag properties of DOM nodes that could
+lead to the execution of arbitrary script or code.
+
+CAN-2005-2270
+
+The Mozilla browser family does not properly clone base objects, which allows
+remote attackers to execute arbitrary code.
+
+For the testing distribution (etch) this is fixed in version
+1.0.2-3etch1
+
+For the unstable distribution (sid) this is fixed in version
+1.0.6-3
+
+This upgrade is recommended if you use mozilla-thunderbird.
+
+Upgrade Instructions
+--------------------
+
+To use the Debian testing security archive, add the following lines to
+your /etc/apt/sources.list:
+
+deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free
+deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free
+
+The archive signing key can be downloaded from
+http://secure-testing.debian.net/ziyi-2005-7.asc
+
+To install the update, run this command as root:
+
+apt-get update && apt-get install mozilla-thunderbird
+
+For further information about the Debian testing security team, please refer
+to http://secure-testing.debian.net/
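Review bot: The signing key at http://secure-testing.debian.net/ziyi-2005-7.asc is fetched over plain HTTP with nothing for the reader to check it against; the advisory should carry the key's fingerprint (or point at where it is published out of band) so users can verify the key before trusting the archive. Two smaller points in the same hunk: the "CVE ID" line ends in a trailing space, and the CAN-2005-2270 text says "The Mozilla browser family", which reads oddly in a mozilla-thunderbird advisory and suggests the descriptions were carried over from the firefox advisory without rewording for the mail client.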

Added: data/DTSA/advs/9-mozilla-thunderbird.adv
===================================================================
--- data/DTSA/advs/9-mozilla-thunderbird.adv	2005-08-28 19:59:20 UTC (rev 1705)
+++ data/DTSA/advs/9-mozilla-thunderbird.adv	2005-08-28 20:00:41 UTC (rev 1706)
@@ -0,0 +1,59 @@
+dtsa: DTSA-9-1
+source: mozilla-thunderbird
+date: August 28th, 2005
+author: Joey Hess
+vuln-type: several vulnerabilities
+problem-scope: remote
+debian-specific: no
+cve: CAN-2005-0989 CAN-2005-1159 CAN-2005-1160 CAN-2005-1532 CAN-2005-2261 CAN-2005-2265 CAN-2005-2266 CAN-2005-2269 CAN-2005-2270
+testing-fix: 1.0.2-3etch1
+sid-fix: 1.0.6-3
+
+Several problems have been discovered in Mozilla Thunderbird, the standalone
+mail client of the Mozilla suite. The Common Vulnerabilities and Exposures
+project identifies the following problems:
+
+CAN-2005-0989
+
+  Remote attackers could read portions of heap memory into a Javascript string
+  via the lambda replace method.
+
+CAN-2005-1159
+
+  The Javascript interpreter could be tricked to continue execution at the
+  wrong memory address, which may allow attackers to cause a denial of service
+  (application crash) and possibly execute arbitrary code.
+
+CAN-2005-1160
+
+  Remote attackers could override certain properties or methods of DOM nodes
+  and gain privileges.
+
+CAN-2005-1532
+
+  Remote attackers could override certain properties or methods due to missing
+  proper limitation of Javascript eval and Script objects and gain privileges.
+
+CAN-2005-2261
+
+  XML scripts ran even when Javascript was disabled.
+
+CAN-2005-2265
+
+  Missing input sanitising of InstallVersion.compareTo() can cause the
+  application to crash.
+
+CAN-2005-2266
+
+  Remote attackers could steal sensitive information such as cookies and
+  passwords from web sites by accessing data in alien frames.
+
+CAN-2005-2269
+
+  Remote attackers could modify certain tag properties of DOM nodes that could
+  lead to the execution of arbitrary script or code.
+
+CAN-2005-2270
+
+  The Mozilla browser family does not properly clone base objects, which allows
+  remote attackers to execute arbitrary code.
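Review bot: This .adv file carries the same header fields and the same nine descriptions as data/DTSA/DTSA-9-1, and the two copies already differ slightly (two-space indentation of the descriptions here, trailing whitespace on the CVE ID line there), so unless DTSA-9-1 is generated from this file one of them will drift; keep a single source of truth and generate the other. The "date: August 28th, 2005" field is also free-form prose while data/DTSA/list uses "[28 Aug 2005]"; a fixed, machine-parseable date format would make the two consistent.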

Modified: data/DTSA/list
===================================================================
--- data/DTSA/list	2005-08-28 19:59:20 UTC (rev 1705)
+++ data/DTSA/list	2005-08-28 20:00:41 UTC (rev 1706)
@@ -1,3 +1,6 @@
+[28 Aug 2005] DTSA-9-1 mozilla-thunderbird - several vulnerabilities
+	- mozilla-thunderbird 1.0.2-3etch1
+	NOTE: joeyh working on it
 [28 Aug 2005] DTSA-8-1 mozilla-firefox - several vulnerabilities
 	- mozilla-firefox 1.0.4-2sarge2
 	NOTE: joeyh working on it
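Review bot: The new DTSA-9-1 entry has no "{CAN-...}" line, although the DTSA-1-1 kismet entry in this same file lists its CVE ids that way and the advisory names nine of them; add the CVE list so the file stays greppable by identifier. Also, "NOTE: joeyh working on it" is kept even though the advisory is added in this very commit; if the note tracks outstanding work it should now say what remains (upload, announcement) or be dropped.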
@@ -24,6 +27,3 @@
 [26 Aug 2005] DTSA-1-1 kismet - remote code execution
 	{CAN-2005-2626 CAN-2005-2627}
 	- kismet 2005.08.R1-0.1etch1 (high)
-NOTE: joeyh investingating doing mozilla-* (probably just copying the DSAs
-NOTE: packages as testing is not updated vs stable at all for mozilla-*,
-NOTE: except for thunderbird)
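Review bot: Removing these notes is consistent now that DTSA-8-1 and DTSA-9-1 exist, but the note being deleted records that thunderbird is the one mozilla-* package where testing does differ from stable, so the stable patches could not simply be copied; it would be worth confirming in the advisory or the list entry that 1.0.2-3etch1 contains fixes for all nine listed CVEs rather than a partial port, since nothing in this commit states how the testing fix was produced.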
