[Bug 254618] [NEW] Please update xulrunner to 1.8.1.16 version.

Launchpad Bug Tracker 254618 at bugs.launchpad.net
Mon Aug 4 15:19:43 BST 2008 

You have been subscribed to a public bug by Devid Antonio Filoni (d.filoni):

Binary package hint: xulrunner

Please update xulrunner to 1.8.1.16 version.

>From Firefox Security Advisory:
 + Fixed in Firefox 2.0.0.16
     - MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
     - MFSA 2008-34 Remote code execution by overflowing CSS reference counter
 + Fixed in Firefox 2.0.0.15
     - MFSA 2008-33 Crash and remote code execution in block reflow
     - MFSA 2008-32 Remote site run as local file via Windows URL shortcut
     - MFSA 2008-31 Peer-trusted certs can use alt names to spoof
     - MFSA 2008-30 File location URL in directory listings not escaped properly
     - MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
     - MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
     - MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
     - MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
     - MFSA 2008-24 Chrome script loading from fastload file
     - MFSA 2008-23 Signed JAR tampering
     - MFSA 2008-22 XSS through JavaScript same-origin violation
     - MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)


>From Thunderbird Security Advisory:
 + Fixed in Thunderbird 2.0.0.16
     - MFSA 2008-34 Remote code execution by overflowing CSS reference counter
     - MFSA 2008-33 Crash and remote code execution in block reflow
     - MFSA 2008-31 Peer-trusted certs can use alt names to spoof
     - MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
     - MFSA 2008-26 Buffer length checks in MIME processing
     - MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
     - MFSA 2008-24 Chrome script loading from fastload file
     - MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)

** Affects: xulrunner (Ubuntu)
     Importance: Undecided
         Status: Confirmed

-- 
Please update xulrunner to 1.8.1.16 version.
https://bugs.edge.launchpad.net/bugs/254618
You received this bug notification because you are a member of Ubuntu Sponsors for universe, which is a direct subscriber.

More information about the Ubuntu-universe-sponsors mailing list