[Pkg-mozext-maintainers] firefox-sage diff for Lenny fixing CVE-2009-4102
awoodland at debian.org
awoodland at debian.org
Thu Dec 10 18:05:04 UTC 2009
Hi,
Attached is my proposed diff for Lenny. It takes the 'least changes' approach to fixing the problem, which isn't great long term. Having applied this patch it now passes the test feeds in both html/non-html mode:
http://users.aber.ac.uk/ajw/new.rss
http://users.aber.ac.uk/ajw/newI.rss
http://users.aber.ac.uk/ajw/everything.atom (this is the test case from 2006 which had a regression)
Etch is somewhat different, and still has my original patch from the 2006 vulnerability which means there is no regression and it also fixed one of the newer test cases.
Etch actually seemed to pass all the test cases there, but I know at least the malicious link one would be exploitable with only a very small change to the feed. (The benign 'exploit' made a few assumptions about which version of FF/IW you're using, which caused an exception to be thrown part way through executing the exploit, before there is any indication of failure).
Please can you review this and allow me to make an upload to stable-security? I'll provide a similar patch for etch shortly too.
Thanks
Alan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lenny-xss-fix.debdiff
Type: application/octet-stream
Size: 4009 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozext-maintainers/attachments/20091210/411944af/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 272 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozext-maintainers/attachments/20091210/411944af/attachment-0001.pgp>
More information about the Pkg-mozext-maintainers
mailing list