Bug 7800 - firefox new security issue CVE-2012-4193 fixed in 10.0.9
Summary: firefox new security issue CVE-2012-4193 fixed in 10.0.9
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 2
Hardware: i586 Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: MGA1TOO mga2-64-OK MGA2-32-OK MGA1-64...
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2012-10-15 14:24 CEST by David Walser
Modified: 2012-10-16 01:08 CEST

See Also:
Source RPM: firefox
CVE:
Status comment:



Description David Walser 2012-10-15 14:24:14 CEST
Mandriva has issued an advisory on October 13:
http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:167

Updated packages uploaded for Mageia 1 and Mageia 2.

Advisory:
========================

Updated firefox packages fix security vulnerability:

Mozilla security researcher moz_bug_r_a4 reported a regression where
security wrappers are unwrapped without doing a security check in
defaultValue(). This can allow for improper access to the
Location object. In versions 15 and earlier of affected products, there
was also the potential for arbitrary code execution (CVE-2012-4193).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:167
========================

Updated packages in core/updates_testing:
========================
firefox-10.0.9-1.mga1
firefox-devel-10.0.9-1.mga1
firefox-af-10.0.9-1.mga1
firefox-ar-10.0.9-1.mga1
firefox-ast-10.0.9-1.mga1
firefox-be-10.0.9-1.mga1
firefox-bg-10.0.9-1.mga1
firefox-bn_IN-10.0.9-1.mga1
firefox-bn_BD-10.0.9-1.mga1
firefox-br-10.0.9-1.mga1
firefox-bs-10.0.9-1.mga1
firefox-ca-10.0.9-1.mga1
firefox-cs-10.0.9-1.mga1
firefox-cy-10.0.9-1.mga1
firefox-da-10.0.9-1.mga1
firefox-de-10.0.9-1.mga1
firefox-el-10.0.9-1.mga1
firefox-en_GB-10.0.9-1.mga1
firefox-en_ZA-10.0.9-1.mga1
firefox-eo-10.0.9-1.mga1
firefox-es_AR-10.0.9-1.mga1
firefox-es_CL-10.0.9-1.mga1
firefox-es_ES-10.0.9-1.mga1
firefox-es_MX-10.0.9-1.mga1
firefox-et-10.0.9-1.mga1
firefox-eu-10.0.9-1.mga1
firefox-fa-10.0.9-1.mga1
firefox-fi-10.0.9-1.mga1
firefox-fr-10.0.9-1.mga1
firefox-fy-10.0.9-1.mga1
firefox-ga_IE-10.0.9-1.mga1
firefox-gd-10.0.9-1.mga1
firefox-gl-10.0.9-1.mga1
firefox-gu_IN-10.0.9-1.mga1
firefox-he-10.0.9-1.mga1
firefox-hi-10.0.9-1.mga1
firefox-hr-10.0.9-1.mga1
firefox-hu-10.0.9-1.mga1
firefox-hy-10.0.9-1.mga1
firefox-id-10.0.9-1.mga1
firefox-is-10.0.9-1.mga1
firefox-it-10.0.9-1.mga1
firefox-ja-10.0.9-1.mga1
firefox-kk-10.0.9-1.mga1
firefox-ko-10.0.9-1.mga1
firefox-kn-10.0.9-1.mga1
firefox-ku-10.0.9-1.mga1
firefox-lg-10.0.9-1.mga1
firefox-lt-10.0.9-1.mga1
firefox-lv-10.0.9-1.mga1
firefox-mai-10.0.9-1.mga1
firefox-mk-10.0.9-1.mga1
firefox-ml-10.0.9-1.mga1
firefox-mr-10.0.9-1.mga1
firefox-nb_NO-10.0.9-1.mga1
firefox-nl-10.0.9-1.mga1
firefox-nn_NO-10.0.9-1.mga1
firefox-nso-10.0.9-1.mga1
firefox-or-10.0.9-1.mga1
firefox-pa_IN-10.0.9-1.mga1
firefox-pl-10.0.9-1.mga1
firefox-pt_BR-10.0.9-1.mga1
firefox-pt_PT-10.0.9-1.mga1
firefox-ro-10.0.9-1.mga1
firefox-ru-10.0.9-1.mga1
firefox-si-10.0.9-1.mga1
firefox-sk-10.0.9-1.mga1
firefox-sl-10.0.9-1.mga1
firefox-sq-10.0.9-1.mga1
firefox-sr-10.0.9-1.mga1
firefox-sv_SE-10.0.9-1.mga1
firefox-ta-10.0.9-1.mga1
firefox-ta_LK-10.0.9-1.mga1
firefox-te-10.0.9-1.mga1
firefox-th-10.0.9-1.mga1
firefox-tr-10.0.9-1.mga1
firefox-uk-10.0.9-1.mga1
firefox-vi-10.0.9-1.mga1
firefox-zh_CN-10.0.9-1.mga1
firefox-zh_TW-10.0.9-1.mga1
firefox-zu-10.0.9-1.mga1
firefox-10.0.9-1.mga2
firefox-devel-10.0.9-1.mga2
firefox-af-10.0.9-1.mga2
firefox-ar-10.0.9-1.mga2
firefox-ast-10.0.9-1.mga2
firefox-be-10.0.9-1.mga2
firefox-bg-10.0.9-1.mga2
firefox-bn_IN-10.0.9-1.mga2
firefox-bn_BD-10.0.9-1.mga2
firefox-br-10.0.9-1.mga2
firefox-bs-10.0.9-1.mga2
firefox-ca-10.0.9-1.mga2
firefox-cs-10.0.9-1.mga2
firefox-cy-10.0.9-1.mga2
firefox-da-10.0.9-1.mga2
firefox-de-10.0.9-1.mga2
firefox-el-10.0.9-1.mga2
firefox-en_GB-10.0.9-1.mga2
firefox-en_ZA-10.0.9-1.mga2
firefox-eo-10.0.9-1.mga2
firefox-es_AR-10.0.9-1.mga2
firefox-es_CL-10.0.9-1.mga2
firefox-es_ES-10.0.9-1.mga2
firefox-es_MX-10.0.9-1.mga2
firefox-et-10.0.9-1.mga2
firefox-eu-10.0.9-1.mga2
firefox-fa-10.0.9-1.mga2
firefox-fi-10.0.9-1.mga2
firefox-fr-10.0.9-1.mga2
firefox-fy-10.0.9-1.mga2
firefox-ga_IE-10.0.9-1.mga2
firefox-gd-10.0.9-1.mga2
firefox-gl-10.0.9-1.mga2
firefox-gu_IN-10.0.9-1.mga2
firefox-he-10.0.9-1.mga2
firefox-hi-10.0.9-1.mga2
firefox-hr-10.0.9-1.mga2
firefox-hu-10.0.9-1.mga2
firefox-hy-10.0.9-1.mga2
firefox-id-10.0.9-1.mga2
firefox-is-10.0.9-1.mga2
firefox-it-10.0.9-1.mga2
firefox-ja-10.0.9-1.mga2
firefox-kk-10.0.9-1.mga2
firefox-ko-10.0.9-1.mga2
firefox-kn-10.0.9-1.mga2
firefox-ku-10.0.9-1.mga2
firefox-lg-10.0.9-1.mga2
firefox-lt-10.0.9-1.mga2
firefox-lv-10.0.9-1.mga2
firefox-mai-10.0.9-1.mga2
firefox-mk-10.0.9-1.mga2
firefox-ml-10.0.9-1.mga2
firefox-mr-10.0.9-1.mga2
firefox-nb_NO-10.0.9-1.mga2
firefox-nl-10.0.9-1.mga2
firefox-nn_NO-10.0.9-1.mga2
firefox-nso-10.0.9-1.mga2
firefox-or-10.0.9-1.mga2
firefox-pa_IN-10.0.9-1.mga2
firefox-pl-10.0.9-1.mga2
firefox-pt_BR-10.0.9-1.mga2
firefox-pt_PT-10.0.9-1.mga2
firefox-ro-10.0.9-1.mga2
firefox-ru-10.0.9-1.mga2
firefox-si-10.0.9-1.mga2
firefox-sk-10.0.9-1.mga2
firefox-sl-10.0.9-1.mga2
firefox-sq-10.0.9-1.mga2
firefox-sr-10.0.9-1.mga2
firefox-sv_SE-10.0.9-1.mga2
firefox-ta-10.0.9-1.mga2
firefox-ta_LK-10.0.9-1.mga2
firefox-te-10.0.9-1.mga2
firefox-th-10.0.9-1.mga2
firefox-tr-10.0.9-1.mga2
firefox-uk-10.0.9-1.mga2
firefox-vi-10.0.9-1.mga2
firefox-zh_CN-10.0.9-1.mga2
firefox-zh_TW-10.0.9-1.mga2
firefox-zu-10.0.9-1.mga2

from SRPMS:
firefox-10.0.9-1.mga1.src.rpm
firefox-l10n-10.0.9-1.mga1.src.rpm
firefox-10.0.9-1.mga2.src.rpm
firefox-l10n-10.0.9-1.mga2.src.rpm

David Walser 2012-10-15 14:24:46 CEST

Whiteboard: (none) => MGA1TOO

Comment 1 claire robinson 2012-10-15 15:01:00 CEST
Tested OK mga2 64

Java, https, flash, flash over https, spelling, bookmarks etc

Whiteboard: MGA1TOO => MGA1TOO mga2-64-OK

Comment 2 David GEIGER 2012-10-15 21:48:53 CEST
Testing complete for firefox-10.0.9-1.mga2 and firefox-fr-10.0.9-1.mga2 on Mageia release 2 (Official) for x86_64. For me it's OK, it works fine and nothing to report.

CC: (none) => geiger.david68210

Comment 3 Dave Hodgins 2012-10-16 00:01:09 CEST
Testing complete Mageia 2 i586, Mageia 1 i586 and x86-64.

Could someone from the sysadmin team push the srpms
firefox-10.0.9-1.mga2.src.rpm
firefox-l10n-10.0.9-1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates and the srpms
firefox-10.0.9-1.mga1.src.rpm
firefox-l10n-10.0.9-1.mga1.src.rpm
from Mageia 1 Core Updates Testing to Core Updates.

Advisory: Updated firefox packages fix security vulnerability:

Mozilla security researcher moz_bug_r_a4 reported a regression where
security wrappers are unwrapped without doing a security check in
defaultValue(). This can allow for improper access to the
Location object. In versions 15 and earlier of affected products, there
was also the potential for arbitrary code execution (CVE-2012-4193).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:167

https://bugs.mageia.org/show_bug.cgi?id=7800

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs
Whiteboard: MGA1TOO mga2-64-OK => MGA1TOO mga2-64-OK MGA2-32-OK MGA1-64-OK MGA1-32-OK

Comment 4 Thomas Backlund 2012-10-16 01:08:56 CEST
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0295

Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

