Bug 7800

Summary: firefox new security issue CVE-2012-4193 fixed in 10.0.9
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: critical    
Priority: Normal CC: davidwhodgins, geiger.david68210, sysadmin-bugs, tmb
Version: 2Keywords: validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard: MGA1TOO mga2-64-OK MGA2-32-OK MGA1-64-OK MGA1-32-OK
Source RPM: firefox CVE:
Status comment:

Description David Walser 2012-10-15 14:24:14 CEST 
Mandriva has issued an advisory on October 13:
http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:167

Updated packages uploaded for Mageia 1 and Mageia 2.

Advisory:
========================

Updated firefox packages fix security vulnerability:

Mozilla security researcher moz_bug_r_a4 reported a regression where
security wrappers are unwrapped without doing a security check in
defaultValue(). This can allow for improper access access to the
Location object. In versions 15 and earlier of affected products, there
was also the potential for arbitrary code execution (CVE-2012-4193).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:167
========================

Updated packages in core/updates_testing:
========================
firefox-10.0.9-1.mga1
firefox-devel-10.0.9-1.mga1
firefox-af-10.0.9-1.mga1
firefox-ar-10.0.9-1.mga1
firefox-ast-10.0.9-1.mga1
firefox-be-10.0.9-1.mga1
firefox-bg-10.0.9-1.mga1
firefox-bn_IN-10.0.9-1.mga1
firefox-bn_BD-10.0.9-1.mga1
firefox-br-10.0.9-1.mga1
firefox-bs-10.0.9-1.mga1
firefox-ca-10.0.9-1.mga1
firefox-cs-10.0.9-1.mga1
firefox-cy-10.0.9-1.mga1
firefox-da-10.0.9-1.mga1
firefox-de-10.0.9-1.mga1
firefox-el-10.0.9-1.mga1
firefox-en_GB-10.0.9-1.mga1
firefox-en_ZA-10.0.9-1.mga1
firefox-eo-10.0.9-1.mga1
firefox-es_AR-10.0.9-1.mga1
firefox-es_CL-10.0.9-1.mga1
firefox-es_ES-10.0.9-1.mga1
firefox-es_MX-10.0.9-1.mga1
firefox-et-10.0.9-1.mga1
firefox-eu-10.0.9-1.mga1
firefox-fa-10.0.9-1.mga1
firefox-fi-10.0.9-1.mga1
firefox-fr-10.0.9-1.mga1
firefox-fy-10.0.9-1.mga1
firefox-ga_IE-10.0.9-1.mga1
firefox-gd-10.0.9-1.mga1
firefox-gl-10.0.9-1.mga1
firefox-gu_IN-10.0.9-1.mga1
firefox-he-10.0.9-1.mga1
firefox-hi-10.0.9-1.mga1
firefox-hr-10.0.9-1.mga1
firefox-hu-10.0.9-1.mga1
firefox-hy-10.0.9-1.mga1
firefox-id-10.0.9-1.mga1
firefox-is-10.0.9-1.mga1
firefox-it-10.0.9-1.mga1
firefox-ja-10.0.9-1.mga1
firefox-kk-10.0.9-1.mga1
firefox-ko-10.0.9-1.mga1
firefox-kn-10.0.9-1.mga1
firefox-ku-10.0.9-1.mga1
firefox-lg-10.0.9-1.mga1
firefox-lt-10.0.9-1.mga1
firefox-lv-10.0.9-1.mga1
firefox-mai-10.0.9-1.mga1
firefox-mk-10.0.9-1.mga1
firefox-ml-10.0.9-1.mga1
firefox-mr-10.0.9-1.mga1
firefox-nb_NO-10.0.9-1.mga1
firefox-nl-10.0.9-1.mga1
firefox-nn_NO-10.0.9-1.mga1
firefox-nso-10.0.9-1.mga1
firefox-or-10.0.9-1.mga1
firefox-pa_IN-10.0.9-1.mga1
firefox-pl-10.0.9-1.mga1
firefox-pt_BR-10.0.9-1.mga1
firefox-pt_PT-10.0.9-1.mga1
firefox-ro-10.0.9-1.mga1
firefox-ru-10.0.9-1.mga1
firefox-si-10.0.9-1.mga1
firefox-sk-10.0.9-1.mga1
firefox-sl-10.0.9-1.mga1
firefox-sq-10.0.9-1.mga1
firefox-sr-10.0.9-1.mga1
firefox-sv_SE-10.0.9-1.mga1
firefox-ta-10.0.9-1.mga1
firefox-ta_LK-10.0.9-1.mga1
firefox-te-10.0.9-1.mga1
firefox-th-10.0.9-1.mga1
firefox-tr-10.0.9-1.mga1
firefox-uk-10.0.9-1.mga1
firefox-vi-10.0.9-1.mga1
firefox-zh_CN-10.0.9-1.mga1
firefox-zh_TW-10.0.9-1.mga1
firefox-zu-10.0.9-1.mga1
firefox-10.0.9-1.mga2
firefox-devel-10.0.9-1.mga2
firefox-af-10.0.9-1.mga2
firefox-ar-10.0.9-1.mga2
firefox-ast-10.0.9-1.mga2
firefox-be-10.0.9-1.mga2
firefox-bg-10.0.9-1.mga2
firefox-bn_IN-10.0.9-1.mga2
firefox-bn_BD-10.0.9-1.mga2
firefox-br-10.0.9-1.mga2
firefox-bs-10.0.9-1.mga2
firefox-ca-10.0.9-1.mga2
firefox-cs-10.0.9-1.mga2
firefox-cy-10.0.9-1.mga2
firefox-da-10.0.9-1.mga2
firefox-de-10.0.9-1.mga2
firefox-el-10.0.9-1.mga2
firefox-en_GB-10.0.9-1.mga2
firefox-en_ZA-10.0.9-1.mga2
firefox-eo-10.0.9-1.mga2
firefox-es_AR-10.0.9-1.mga2
firefox-es_CL-10.0.9-1.mga2
firefox-es_ES-10.0.9-1.mga2
firefox-es_MX-10.0.9-1.mga2
firefox-et-10.0.9-1.mga2
firefox-eu-10.0.9-1.mga2
firefox-fa-10.0.9-1.mga2
firefox-fi-10.0.9-1.mga2
firefox-fr-10.0.9-1.mga2
firefox-fy-10.0.9-1.mga2
firefox-ga_IE-10.0.9-1.mga2
firefox-gd-10.0.9-1.mga2
firefox-gl-10.0.9-1.mga2
firefox-gu_IN-10.0.9-1.mga2
firefox-he-10.0.9-1.mga2
firefox-hi-10.0.9-1.mga2
firefox-hr-10.0.9-1.mga2
firefox-hu-10.0.9-1.mga2
firefox-hy-10.0.9-1.mga2
firefox-id-10.0.9-1.mga2
firefox-is-10.0.9-1.mga2
firefox-it-10.0.9-1.mga2
firefox-ja-10.0.9-1.mga2
firefox-kk-10.0.9-1.mga2
firefox-ko-10.0.9-1.mga2
firefox-kn-10.0.9-1.mga2
firefox-ku-10.0.9-1.mga2
firefox-lg-10.0.9-1.mga2
firefox-lt-10.0.9-1.mga2
firefox-lv-10.0.9-1.mga2
firefox-mai-10.0.9-1.mga2
firefox-mk-10.0.9-1.mga2
firefox-ml-10.0.9-1.mga2
firefox-mr-10.0.9-1.mga2
firefox-nb_NO-10.0.9-1.mga2
firefox-nl-10.0.9-1.mga2
firefox-nn_NO-10.0.9-1.mga2
firefox-nso-10.0.9-1.mga2
firefox-or-10.0.9-1.mga2
firefox-pa_IN-10.0.9-1.mga2
firefox-pl-10.0.9-1.mga2
firefox-pt_BR-10.0.9-1.mga2
firefox-pt_PT-10.0.9-1.mga2
firefox-ro-10.0.9-1.mga2
firefox-ru-10.0.9-1.mga2
firefox-si-10.0.9-1.mga2
firefox-sk-10.0.9-1.mga2
firefox-sl-10.0.9-1.mga2
firefox-sq-10.0.9-1.mga2
firefox-sr-10.0.9-1.mga2
firefox-sv_SE-10.0.9-1.mga2
firefox-ta-10.0.9-1.mga2
firefox-ta_LK-10.0.9-1.mga2
firefox-te-10.0.9-1.mga2
firefox-th-10.0.9-1.mga2
firefox-tr-10.0.9-1.mga2
firefox-uk-10.0.9-1.mga2
firefox-vi-10.0.9-1.mga2
firefox-zh_CN-10.0.9-1.mga2
firefox-zh_TW-10.0.9-1.mga2
firefox-zu-10.0.9-1.mga2

from SRPMS:
firefox-10.0.9-1.mga1.src.rpm
firefox-l10n-10.0.9-1.mga1.src.rpm
firefox-10.0.9-1.mga2.src.rpm
firefox-l10n-10.0.9-1.mga2.src.rpm
David Walser 2012-10-15 14:24:46 CEST

Whiteboard: (none) => MGA1TOO

Comment 1 claire robinson 2012-10-15 15:01:00 CEST 
Tested OK mga2 64

Java, https, flash, flash over https, spelling, bookmarks etc

Whiteboard: MGA1TOO => MGA1TOO mga2-64-OK

Comment 2 David GEIGER 2012-10-15 21:48:53 CEST 
Testing complete for firefox-10.0.9-1.mga2 and firefox-fr-10.0.9-1.mga2 on Mageia release 2 (Official) for x86_64 ,for me it's Ok ,it works fine and nothind to report.

CC: (none) => geiger.david68210

Comment 3 Dave Hodgins 2012-10-16 00:01:09 CEST 
Testing complete Mageia 2 i586, Mageia 1 i586 and x86-64.

Could someone from the sysadmin team push the srpms
firefox-10.0.9-1.mga2.src.rpm
firefox-l10n-10.0.9-1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates and the srpms
firefox-10.0.9-1.mga1.src.rpm
firefox-l10n-10.0.9-1.mga1.src.rpm
from Mageia 1 Core Updates Testing to Core Updates.

Advisory: Updated firefox packages fix security vulnerability:

Mozilla security researcher moz_bug_r_a4 reported a regression where
security wrappers are unwrapped without doing a security check in
defaultValue(). This can allow for improper access access to the
Location object. In versions 15 and earlier of affected products, there
was also the potential for arbitrary code execution (CVE-2012-4193).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:167

https://bugs.mageia.org/show_bug.cgi?id=7800

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs
Whiteboard: MGA1TOO mga2-64-OK => MGA1TOO mga2-64-OK MGA2-32-OK MGA1-64-OK MGA1-32-OK

Comment 4 Thomas Backlund 2012-10-16 01:08:56 CEST 
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0295

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED