
[BSA-038] Security Update for icedove



Christoph Göhre uploaded new packages for icedove which fix the following
security problems:

CVE-2011-0083

  Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in
  the implementation of SVG element lists allows remote attackers to cause a
  denial of service (application crash) or possibly execute arbitrary code via
  vectors involving a user-supplied callback.

CVE-2011-0085

  Use-after-free vulnerability in the nsXULCommandDispatcher function allows
  remote attackers to execute arbitrary code via a crafted XUL document that
  dequeues the current command updater.

CVE-2011-2362

  Icedove does not distinguish between cookies for two domain names that differ
  only in a trailing dot, which allows remote web servers to bypass the Same
  Origin Policy via Set-Cookie headers.

CVE-2011-2363

  Use-after-free vulnerability in the nsSVGPointList::AppendElement function in
  the implementation of SVG element lists allows remote attackers to cause a
  denial of service (application crash) or possibly execute arbitrary code via
  vectors involving a user-supplied callback.

CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376

  Unspecified vulnerabilities allow remote attackers to cause a denial of
  service (memory corruption and application crash) or possibly execute
  arbitrary code.

CVE-2011-2371

  Integer overflow in the Array.reduceRight method allows remote attackers to
  execute arbitrary code via vectors involving a long JavaScript Array object.

CVE-2011-2373

  Use-after-free vulnerability allows remote attackers to execute arbitrary
  code via a crafted XUL document.

CVE-2011-2377

  Icedove allows remote attackers to cause a denial of service (memory
  corruption and application crash) or possibly execute arbitrary code via a
  multipart/x-mixed-replace image.

For the squeeze-backports distribution, these problems have been fixed in
version 3.1.11-1~bpo60+1.

For the testing distribution (wheezy), these problems have been fixed in
version 3.1.11-1.

For the unstable distribution (sid), these problems have been fixed in
version 3.1.11-1.

