[BLFS Trac] #2595: firefox-3.0.5 / xulrunner- (was: firefox-3.0.4 / xulrunner-

BLFS Trac trac at linuxfromscratch.org
Thu Dec 18 02:38:10 PST 2008

#2595: firefox-3.0.5 / xulrunner-
 Reporter:  ken@…                     |       Owner:  blfs-book@…                   
     Type:  task                      |      Status:  new                           
 Priority:  normal                    |   Milestone:  6.4                           
Component:  BOOK                      |     Version:  SVN                           
 Severity:  normal                    |    Keywords:                                

Comment(by ken@…):

 Version increment to 3.0.5, the usual security fixes:
 Fixed in Firefox 3.0.5
 MFSA 2008-69 XSS vulnerabilities in SessionStore
 MFSA 2008-68 XSS and JavaScript privilege escalation
 MFSA 2008-67 Escaped null characters ignored by CSS parser
 MFSA 2008-66 Errors parsing URLs with leading whitespace and control
 MFSA 2008-65 Cross-domain data theft via script redirect error message
 MFSA 2008-64 XMLHttpRequest 302 response disclosure
 MFSA 2008-63 User tracking via XUL persist attribute
 MFSA 2008-60 Crashes with evidence of memory corruption

 Again, there is no separate xulrunner, but I see that xulrunner-
 did eventually get released.  Confirmed that the internal version of
 xulrunner is set to (config/autoconf.mk)

Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/2595#comment:3>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch

More information about the blfs-book mailing list