Home / mailings [USN-2102-2] Firefox regression
Posted on 19 February 2014
Ubuntu Security==========================
==========================
========================
Ubuntu Security Notice USN-2102-2
February 19, 2014
firefox regression
==========================
==========================
========================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
USN-2102-1 introduced a regression in Firefox.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
USN-2102-1 fixed vulnerabilities in Firefox. The update introduced a
regression which could make Firefox crash under some circumstances. This
update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Christian Holler, Terrence Cole, Jesse Ruderman, Gary Kwong, Eric
Rescorla, Jonathan Kew, Dan Gohman, Ryan VanderMeulen, Carsten Book,
Andrew Sutherland, Byron Campen, Nicholas Nethercote, Paul Adenot, David=
Baron, Julian Seward and Sotaro Ikeda discovered multiple memory safety
issues in Firefox. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit these to cause a
denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking Firefox. (CVE-2014-1477,
CVE-2014-1478)
=20
Cody Crews discovered a method to bypass System Only Wrappers. An attack=
er
could potentially exploit this to steal confidential data or execute cod=
e
with the privileges of the user invoking Firefox. (CVE-2014-1479)
=20
Jordi Chancel discovered that the downloads dialog did not implement a
security timeout before button presses are processed. An attacker could
potentially exploit this to conduct clickjacking attacks. (CVE-2014-1480=
)
=20
Fredrik L=F6nnqvist discovered a use-after-free in Firefox. An attacker
could potentially exploit this to cause a denial of service via
application crash, or execute arbitrary code with the priviliges of the
user invoking Firefox. (CVE-2014-1482)
=20
Jordan Milne discovered a timing flaw when using document.elementFromPoi=
nt
and document.caretPositionFromPoint on cross-origin iframes. An attacker=
could potentially exploit this to steal confidential imformation.
(CVE-2014-1483)
=20
Frederik Braun discovered that the CSP implementation in Firefox did not=
handle XSLT stylesheets in accordance with the specification, potentiall=
y
resulting in unexpected script execution in some circumstances
(CVE-2014-1485)
=20
Arthur Gerkis discovered a use-after-free in Firefox. An attacker could
potentially exploit this to cause a denial of service via application
crash, or execute arbitrary code with the priviliges of the user invokin=
g
Firefox. (CVE-2014-1486)
=20
Masato Kinugawa discovered a cross-origin information leak in web worker=
error messages. An attacker could potentially exploit this to steal
confidential information. (CVE-2014-1487)
=20
Yazan Tommalieh discovered that web pages could activate buttons on the
default Firefox startpage (about:home) in some circumstances. An attacke=
r
could potentially exploit this to cause data loss by triggering a sessio=
n
restore. (CVE-2014-1489)
=20
Soeren Balko discovered a crash in Firefox when terminating web workers
running asm.js code in some circumstances. An attacker could potentially=
exploit this to execute arbitrary code with the priviliges of the user
invoking Firefox. (CVE-2014-1488)
=20
Several issues were discovered with ticket handling in NSS. An attacker
could potentially exploit these to cause a denial of service or bypass
cryptographic protection mechanisms. (CVE-2014-1490, CVE-2014-1491)
=20
Boris Zbarsky discovered that security restrictions on window objects
could be bypassed under certain circumstances. (CVE-2014-1481)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.10:
firefox 27.0.1+build1-0ubuntu0.13.10.1
Ubuntu 12.10:
firefox 27.0.1+build1-0ubuntu0.12.10.1
Ubuntu 12.04 LTS:
firefox 27.0.1+build1-0ubuntu0.12.04.1
After a standard system update you need to restart Firefox to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2102-2
http://www.ubuntu.com/usn/usn-2102-1
https://launchpad.net/bugs/1274468
Package Information:
https://launchpad.net/ubuntu/+source/firefox/27.0.1+build1-0ubuntu0.13.=
10.1
https://launchpad.net/ubuntu/+source/firefox/27.0.1+build1-0ubuntu0.12.=
10.1
https://launchpad.net/ubuntu/+source/firefox/27.0.1+build1-0ubuntu0.12.=
04.1
