[USN-1729-2] Firefox regression
Posted on 01 March 2013
Ubuntu Security
============================================================================
Ubuntu Security Notice USN-1729-2
March 01, 2013
firefox regression
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
Summary:
Due to a regression, Firefox might crash or freeze under normal use.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
USN-1729-1 fixed vulnerabilities in Firefox. This update introduced a
regression which sometimes resulted in freezes and crashes when using
multiple tabs with images displayed. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight,
Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke
Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron
discovered multiple memory safety issues affecting Firefox. If the user
were tricked into opening a specially crafted page, an attacker could
possibly exploit these to cause a denial of service via application crash.
(CVE-2013-0783, CVE-2013-0784)
Atte Kettunen discovered that Firefox could perform an out-of-bounds read
while rendering GIF format images. An attacker could exploit this to crash
Firefox. (CVE-2013-0772)
Boris Zbarsky discovered that Firefox did not properly handle some wrapped
WebIDL objects. If the user were tricked into opening a specially crafted
page, an attacker could possibly exploit this to cause a denial of service
via application crash, or potentially execute code with the privileges of
the user invoking Firefox. (CVE-2013-0765)
Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and
System Only Wrappers (SOW). If a user were tricked into opening a specially
crafted page, a remote attacker could exploit this to bypass security
protections to obtain sensitive information or potentially execute code
with the privileges of the user invoking Firefox. (CVE-2013-0773)
Frederik Braun discovered that Firefox made the location of the active
browser profile available to JavaScript workers. (CVE-2013-0774)
A use-after-free vulnerability was discovered in Firefox. An attacker could
potentially exploit this to execute code with the privileges of the user
invoking Firefox. (CVE-2013-0775)
Michal Zalewski discovered that Firefox would not always show the correct
address when cancelling a proxy authentication prompt. A remote attacker
could exploit this to conduct URL spoofing and phishing attacks.
(CVE-2013-0776)
Abhishek Arya discovered several problems related to memory handling. If
the user were tricked into opening a specially crafted page, an attacker
could possibly exploit these to cause a denial of service via application
crash, or potentially execute code with the privileges of the user invoking
Firefox. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780,
CVE-2013-0781, CVE-2013-0782)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
firefox 19.0+build1-0ubuntu0.12.10.2
Ubuntu 12.04 LTS:
firefox 19.0+build1-0ubuntu0.12.04.2
Ubuntu 11.10:
firefox 19.0+build1-0ubuntu0.11.10.2
After a standard system update you need to restart Firefox to make all the
necessary changes.
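As an added fleet check, not part of the notice itself, the following Python script compares an installed firefox package version against the fixed versions listed above using a reimplementation of dpkg's version ordering (epoch, upstream and Debian revision, with the "~" and digit/non-digit rules). The FIXED_VERSIONS table and release keys come from the notice; the function names are my own.

```python
import re
# Fixed firefox package versions listed in USN-1729-2, keyed by Ubuntu release.
FIXED_VERSIONS = {
    "12.10": "19.0+build1-0ubuntu0.12.10.2",
    "12.04": "19.0+build1-0ubuntu0.12.04.2",
    "11.10": "19.0+build1-0ubuntu0.11.10.2",
}

def _char_order(c):
    # dpkg ordering for non-digit characters: '~' sorts before everything,
    # even end of string (weight 0); letters sort before other symbols.
    if c == "~":
        return -1
    return ord(c) if c.isalpha() else ord(c) + 256

def _compare_fragment(a, b):
    # dpkg-style compare: alternate non-digit runs (lexical) and digit runs (numeric).
    while a or b:
        a_nd, b_nd = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(a_nd):], b[len(b_nd):]
        for i in range(max(len(a_nd), len(b_nd))):
            ca = _char_order(a_nd[i]) if i < len(a_nd) else 0
            cb = _char_order(b_nd[i]) if i < len(b_nd) else 0
            if ca != cb:
                return -1 if ca < cb else 1
        a_d, b_d = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(a_d):], b[len(b_d):]
        na, nb = int(a_d or 0), int(b_d or 0)
        if na != nb:
            return -1 if na < nb else 1
    return 0

def _split(version):
    # Debian version syntax: [epoch:]upstream[-revision]; epoch defaults to 0.
    epoch, upstream = version.split(":", 1) if ":" in version else ("0", version)
    upstream, revision = upstream.rsplit("-", 1) if "-" in upstream else (upstream, "")
    return int(epoch), upstream, revision

def compare_versions(v1, v2):
    # Return -1, 0 or 1 with the same ordering as `dpkg --compare-versions`.
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    return _compare_fragment(u1, u2) or _compare_fragment(r1, r2)

def is_fixed(release, installed):
    # True if installed >= the USN-1729-2 fix for that release; None if not covered.
    fixed = FIXED_VERSIONS.get(release)
    return None if fixed is None else compare_versions(installed, fixed) >= 0
```

On a host, feed `is_fixed` the VERSION_ID from /etc/os-release and the output of `dpkg-query -W -f='${Version}' firefox`; a False result means the regression fix (and, for versions below USN-1729-1, the security fixes) is not yet installed.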
References:
http://www.ubuntu.com/usn/usn-1729-2
http://www.ubuntu.com/usn/usn-1729-1
https://launchpad.net/bugs/1134409
Package Information:
https://launchpad.net/ubuntu/+source/firefox/19.0+build1-0ubuntu0.12.10.2
https://launchpad.net/ubuntu/+source/firefox/19.0+build1-0ubuntu0.12.04.2
https://launchpad.net/ubuntu/+source/firefox/19.0+build1-0ubuntu0.11.10.2