Debian Linux Security Advisory 2106-2 - DSA-2106-1 introduced a regression that could lead to an application crash. This update fixes this problem. Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
c6a830bde472afe2ae9ec35b17c34ec676ac3f1bcba9550a3f21e4ff941c2c5f
Ubuntu Security Notice 978-2 - USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.
279e9c9f571dc9eb648f55303ef86819aa3f9ac4e057095049c812b308770b96
Ubuntu Security Notice 975-2 - USN-975-1 fixed vulnerabilities in Firefox and Xulrunner. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Various other issues were addressed.
d4f8fe00ff4692cdae02e6e9d2e61d82d7c87effedee8fa5741315f6628f0279
Mandriva Linux Security Advisory 2010-173 - Security issues were identified and fixed in firefox and mozilla-thunderbird. Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests. Cross-site scripting vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled. Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting protection mechanisms via UTF-7 encoding. Various other issues were addressed.
d2c5330326c33ebfdc1dc274a3d9263970b7874baf781cfc5de60069bb4084fe
Ubuntu Security Notice 978-1 - Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.
36273ad9e76ae6b4735d7d4be276aefa43da892c6a64bf66805e2f2a014c897b
Ubuntu Security Notice 975-1 - Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Matt Haggard discovered that Firefox did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Firefox processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Firefox when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.
6c34c75bcd76834d4a6c8efe936ec2cc6cf6d38460c2723c1ac2015bb161b45f
Debian Linux Security Advisory 2106-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
d8cb8c73353562f7410766d649b87d18007e13465c82259b176eb25a57955ac6