Bug 15555 - Firefox new security issues CVE-2015-0817 and CVE-2015-0818
Summary: Firefox new security issues CVE-2015-0817 and CVE-2015-0818
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: i586 Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/637568/
Whiteboard: has_procedure MGA4-32-OK mga4-64-ok a...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2015-03-23 11:49 CET by Bill Wilkinson
Modified: 2015-03-24 00:59 CET (History)
4 users (show)

See Also:
Source RPM:
CVE:
Status comment:


Attachments

Description Bill Wilkinson 2015-03-23 11:49:21 CET
Mozilla has released firefox 31.5.3 to deal with the following bug:

https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/


Reproducible: 

Steps to Reproduce:
Comment 1 David Walser 2015-03-23 16:04:45 CET
Actually it was to deal with two bugs, issued on March 20:
https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/

Ubuntu has issued an advisory for this on March 22:
http://www.ubuntu.com/usn/usn-2538-1/

NSS 3.18 has also been released, and new rootcerts are available:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.18_release_notes

Version: 4 => Cauldron
Summary: Firefox new security updates in 31.5.3 => Firefox new security issues CVE-2015-0817 and CVE-2015-0818
Whiteboard: (none) => MGA5TOO, MGA4TOO
Severity: normal => critical

David Walser 2015-03-23 16:10:07 CET

CC: (none) => luigiwalser
Component: RPM Packages => Security
QA Contact: (none) => security

Comment 2 David Walser 2015-03-23 16:22:39 CET
Updates checked into SVN.  Freeze push requested for Cauldron.
Comment 3 David Walser 2015-03-23 16:32:24 CET
Saving the advisory for later when this is uploaded.

Advisory:
========================

Updated firefox packages fix security vulnerabilities:

A flaw was discovered in the implementation of typed array bounds checking
in the Javascript just-in-time compilation. If a user were tricked in to
opening a specially crafted website, an attacked could exploit this to
execute arbitrary code with the privileges of the user invoking Firefox
(CVE-2015-0817).

Mariusz Mlynski discovered a flaw in the processing of SVG format content
navigation. If a user were tricked in to opening a specially crafted
website, an attacker could exploit this to run arbitrary script in a
privileged context (CVE-2015-0818).

The firefox package has been updated to version 31.5.3 to fix these issues.

Also, the nss package has been updated to version 3.18, which enables TLS
and DTLS 1.2, increases the default RSA key size created by certutil to 2048
bits, and has some CA root certificate updates.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0817
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0818
https://www.mozilla.org/en-US/security/advisories/mfsa2015-28/
https://www.mozilla.org/en-US/security/advisories/mfsa2015-29/
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.18_release_notes
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/
http://www.ubuntu.com/usn/usn-2538-1/
========================

Updated packages in core/updates_testing:
========================
rootcerts-20150226.00-1.mga4
rootcerts-java-20150226.00-1.mga4
nss-3.18.0-1.mga4
nss-doc-3.18.0-1.mga4
libnss3-3.18.0-1.mga4
libnss-devel-3.18.0-1.mga4
libnss-static-devel-3.18.0-1.mga4
firefox-31.5.3-1.mga4
firefox-devel-31.5.3-1.mga4
firefox-af-31.5.3-1.mga4
firefox-ar-31.5.3-1.mga4
firefox-as-31.5.3-1.mga4
firefox-ast-31.5.3-1.mga4
firefox-be-31.5.3-1.mga4
firefox-bg-31.5.3-1.mga4
firefox-bn_IN-31.5.3-1.mga4
firefox-bn_BD-31.5.3-1.mga4
firefox-br-31.5.3-1.mga4
firefox-bs-31.5.3-1.mga4
firefox-ca-31.5.3-1.mga4
firefox-cs-31.5.3-1.mga4
firefox-csb-31.5.3-1.mga4
firefox-cy-31.5.3-1.mga4
firefox-da-31.5.3-1.mga4
firefox-de-31.5.3-1.mga4
firefox-el-31.5.3-1.mga4
firefox-en_GB-31.5.3-1.mga4
firefox-en_ZA-31.5.3-1.mga4
firefox-eo-31.5.3-1.mga4
firefox-es_AR-31.5.3-1.mga4
firefox-es_CL-31.5.3-1.mga4
firefox-es_ES-31.5.3-1.mga4
firefox-es_MX-31.5.3-1.mga4
firefox-et-31.5.3-1.mga4
firefox-eu-31.5.3-1.mga4
firefox-fa-31.5.3-1.mga4
firefox-ff-31.5.3-1.mga4
firefox-fi-31.5.3-1.mga4
firefox-fr-31.5.3-1.mga4
firefox-fy-31.5.3-1.mga4
firefox-ga_IE-31.5.3-1.mga4
firefox-gd-31.5.3-1.mga4
firefox-gl-31.5.3-1.mga4
firefox-gu_IN-31.5.3-1.mga4
firefox-he-31.5.3-1.mga4
firefox-hi-31.5.3-1.mga4
firefox-hr-31.5.3-1.mga4
firefox-hu-31.5.3-1.mga4
firefox-hy-31.5.3-1.mga4
firefox-id-31.5.3-1.mga4
firefox-is-31.5.3-1.mga4
firefox-it-31.5.3-1.mga4
firefox-ja-31.5.3-1.mga4
firefox-kk-31.5.3-1.mga4
firefox-ko-31.5.3-1.mga4
firefox-km-31.5.3-1.mga4
firefox-kn-31.5.3-1.mga4
firefox-ku-31.5.3-1.mga4
firefox-lij-31.5.3-1.mga4
firefox-lt-31.5.3-1.mga4
firefox-lv-31.5.3-1.mga4
firefox-mai-31.5.3-1.mga4
firefox-mk-31.5.3-1.mga4
firefox-ml-31.5.3-1.mga4
firefox-mr-31.5.3-1.mga4
firefox-nb_NO-31.5.3-1.mga4
firefox-nl-31.5.3-1.mga4
firefox-nn_NO-31.5.3-1.mga4
firefox-or-31.5.3-1.mga4
firefox-pa_IN-31.5.3-1.mga4
firefox-pl-31.5.3-1.mga4
firefox-pt_BR-31.5.3-1.mga4
firefox-pt_PT-31.5.3-1.mga4
firefox-ro-31.5.3-1.mga4
firefox-ru-31.5.3-1.mga4
firefox-si-31.5.3-1.mga4
firefox-sk-31.5.3-1.mga4
firefox-sl-31.5.3-1.mga4
firefox-sq-31.5.3-1.mga4
firefox-sr-31.5.3-1.mga4
firefox-sv_SE-31.5.3-1.mga4
firefox-ta-31.5.3-1.mga4
firefox-te-31.5.3-1.mga4
firefox-th-31.5.3-1.mga4
firefox-tr-31.5.3-1.mga4
firefox-uk-31.5.3-1.mga4
firefox-vi-31.5.3-1.mga4
firefox-zh_CN-31.5.3-1.mga4
firefox-zh_TW-31.5.3-1.mga4
firefox-zu-31.5.3-1.mga4

from SRPMS:
rootcerts-20150226.00-1.mga4.src.rpm
nss-3.18.0-1.mga4.src.rpm
firefox-31.5.3-1.mga4.src.rpm
firefox-l10n-31.5.3-1.mga4.src.rpm
Comment 4 David Walser 2015-03-23 18:48:36 CET
Updated packages uploaded for Mageia 4 and Cauldron.

See Comment 3 for the advisory and package list.

URL: (none) => http://lwn.net/Vulnerabilities/637568/
Version: Cauldron => 4
Assignee: bugsquad => qa-bugs
Whiteboard: MGA5TOO, MGA4TOO => (none)

Comment 5 Bill Wilkinson 2015-03-23 20:48:25 CET
David: 

Mozilla was only showing the one on the firefox ESR page, but both on the Seamonkey page.  Maybe I was too quick!

Tested MGA4-64

General browsing, sunspider for javascript, javatester for java plugin, youtube for flash plugin, https logins for nss and rootcerts, acid3.  All OK

CC: (none) => wrw105
Whiteboard: (none) => mga4-64-ok has_procedure

Comment 6 David Walser 2015-03-23 21:04:09 CET
Confirmed everything is working fine on Mageia 4 i586 as well.

Whiteboard: mga4-64-ok has_procedure => has_procedure MGA4-32-OK mga4-64-ok

Comment 7 Bill Wilkinson 2015-03-23 21:12:47 CET
validating

Can someone from the sysadmin team please push to core/updates?

Thanks!

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 8 Rémi Verschelde 2015-03-24 00:42:09 CET
Advisory uploaded.

CC: (none) => remi
Whiteboard: has_procedure MGA4-32-OK mga4-64-ok => has_procedure MGA4-32-OK mga4-64-ok advisory

Comment 9 Mageia Robot 2015-03-24 00:59:12 CET
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0115.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.