Date: 08 May 2002 21:13:43 -0400 From: Joe Marcus Clarke <marcus@marcuscom.com> To: Trevor Johnson <trevor@jpj.net> Cc: Chris Faulhaber <jedgar@fxp.org>, security-officer@FreeBSD.ORG, gnome@FreeBSD.ORG Subject: Re: FYI: more Mozilla security bugs Message-ID: <1020906823.57890.17.camel@shumai.marcuscom.com> In-Reply-To: <20020508205233.V29451-100000@blues.jpj.net> References: <20020508205233.V29451-100000@blues.jpj.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-Fj+legu9nzJOgI3j1VKA
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Wed, 2002-05-08 at 21:58, Trevor Johnson wrote:
> Chris Faulhaber wrote:
>=20
> > On Wed, May 08, 2002 at 08:06:52PM -0400, Trevor Johnson wrote:
> > > trevor 2002/05/08 17:03:03 PDT
> > >
> > > Modified files:
> > > www/linux-mozilla Makefile distinfo
> > > www/linux-mozilla/scripts configure
> > > Log:
> > > Update to a nightly build. Using the GreyMagic Mozilla Disk Explor=
er
> > > and c't Browsercheck, I am no longer able to activate bug #141061
> > > ("XMLHttpRequest allows reading of local files").
> > >
> > > In message <52D05AEFB0D95C4BAD179A054A54CDEB1BD37A@mailsrv1.jubii.d=
k>
> > > on Bugtraq, Thor Larholm described a buffer overflow in Chatzilla.
> > > I confirmed the bug with this version of Mozilla/Chatzilla. Theref=
ore
> > > the chatzilla component is now omitted from batch builds and defaul=
ts
> > > to being omitted from interactive ones too (XFree86 did crash
> > > once--perhaps taken down by Mozilla--when I was viewing Thor's
> > > demonstration page for the bug, but a second visit was uneventful).
> > > I added a warning in capitals for interactive users. I was unable
> > > to reproduce the other bug reported by Thor in the same message.
> > >
> >
> > Thanks for the heads up, I have added this to the upcoming
> > Security Notice. Do these affect the native FreeBSD build
> > also?
>=20
> I did not test the native Mozilla, since I do not have it installed. For
> someone who does, testing is easy: just go to Thor's demonstration pages
> at http://jscript.dk/2002/4/moz1rc1tests/ircbufferoverrun.html and
> http://jscript.dk/2002/4/NS6Tests/LinkLocalFileDetect.asp (for the latter=
,
> you will want to try some POSIX filenames). These pages are mentioned in
> his message, which I forwarded to you. I also made a non-javascript
> demonstration page for the chatzilla bug, at
> http://jpj.net/~trevor/evil.html . Please do not publicize it.
I just tested Mozilla 1.0.rc1_1,1 in the ports tree, and it is
vulnerable to the Chatzilla problem. I will disable Chatzilla. Thanks,
Trevor, for the link. =20
Joe
> --=20
> Trevor Johnson
>=20
>=20
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-gnome" in the body of the message
>=20
--=-Fj+legu9nzJOgI3j1VKA
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
iD8DBQA82c1Gb2iPiv4Uz4cRAhZaAJ9eWGqce/IuPLmjQascY5oQ8ldgYwCfRTeH
9U0FvYvuAsmvfkvyTsnINRc=
=Qml/
-----END PGP SIGNATURE-----
--=-Fj+legu9nzJOgI3j1VKA--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-gnome" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1020906823.57890.17.camel>