From Mageia wiki
Jump to: navigation, search

MGASA-2012-0295

Date: October 16th, 2012
Affected releases: 1, 2


Description:
Updated firefox packages fix security vulnerability:

Mozilla security researcher moz_bug_r_a4 reported a regression where
security wrappers are unwrapped without doing a security check in
defaultValue(). This can allow for improper access access to the
Location object. In versions 15 and earlier of affected products, there
was also the potential for arbitrary code execution (CVE-2012-4193).


Updated Packages:
Mageia 1:
firefox-10.0.9-1.mga1
firefox-devel-10.0.9-1.mga1
firefox-af-10.0.9-1.mga1
firefox-ar-10.0.9-1.mga1
firefox-ast-10.0.9-1.mga1
firefox-be-10.0.9-1.mga1
firefox-bg-10.0.9-1.mga1
firefox-bn_IN-10.0.9-1.mga1
firefox-bn_BD-10.0.9-1.mga1
firefox-br-10.0.9-1.mga1
firefox-bs-10.0.9-1.mga1
firefox-ca-10.0.9-1.mga1
firefox-cs-10.0.9-1.mga1
firefox-cy-10.0.9-1.mga1
firefox-da-10.0.9-1.mga1
firefox-de-10.0.9-1.mga1
firefox-el-10.0.9-1.mga1
firefox-en_GB-10.0.9-1.mga1
firefox-en_ZA-10.0.9-1.mga1
firefox-eo-10.0.9-1.mga1
firefox-es_AR-10.0.9-1.mga1
firefox-es_CL-10.0.9-1.mga1
firefox-es_ES-10.0.9-1.mga1
firefox-es_MX-10.0.9-1.mga1
firefox-et-10.0.9-1.mga1
firefox-eu-10.0.9-1.mga1
firefox-fa-10.0.9-1.mga1
firefox-fi-10.0.9-1.mga1
firefox-fr-10.0.9-1.mga1
firefox-fy-10.0.9-1.mga1
firefox-ga_IE-10.0.9-1.mga1
firefox-gd-10.0.9-1.mga1
firefox-gl-10.0.9-1.mga1
firefox-gu_IN-10.0.9-1.mga1
firefox-he-10.0.9-1.mga1
firefox-hi-10.0.9-1.mga1
firefox-hr-10.0.9-1.mga1
firefox-hu-10.0.9-1.mga1
firefox-hy-10.0.9-1.mga1
firefox-id-10.0.9-1.mga1
firefox-is-10.0.9-1.mga1
firefox-it-10.0.9-1.mga1
firefox-ja-10.0.9-1.mga1
firefox-kk-10.0.9-1.mga1
firefox-ko-10.0.9-1.mga1
firefox-kn-10.0.9-1.mga1
firefox-ku-10.0.9-1.mga1
firefox-lg-10.0.9-1.mga1
firefox-lt-10.0.9-1.mga1
firefox-lv-10.0.9-1.mga1
firefox-mai-10.0.9-1.mga1
firefox-mk-10.0.9-1.mga1
firefox-ml-10.0.9-1.mga1
firefox-mr-10.0.9-1.mga1
firefox-nb_NO-10.0.9-1.mga1
firefox-nl-10.0.9-1.mga1
firefox-nn_NO-10.0.9-1.mga1
firefox-nso-10.0.9-1.mga1
firefox-or-10.0.9-1.mga1
firefox-pa_IN-10.0.9-1.mga1
firefox-pl-10.0.9-1.mga1
firefox-pt_BR-10.0.9-1.mga1
firefox-pt_PT-10.0.9-1.mga1
firefox-ro-10.0.9-1.mga1
firefox-ru-10.0.9-1.mga1
firefox-si-10.0.9-1.mga1
firefox-sk-10.0.9-1.mga1
firefox-sl-10.0.9-1.mga1
firefox-sq-10.0.9-1.mga1
firefox-sr-10.0.9-1.mga1
firefox-sv_SE-10.0.9-1.mga1
firefox-ta-10.0.9-1.mga1
firefox-ta_LK-10.0.9-1.mga1
firefox-te-10.0.9-1.mga1
firefox-th-10.0.9-1.mga1
firefox-tr-10.0.9-1.mga1
firefox-uk-10.0.9-1.mga1
firefox-vi-10.0.9-1.mga1
firefox-zh_CN-10.0.9-1.mga1
firefox-zh_TW-10.0.9-1.mga1
firefox-zu-10.0.9-1.mga1

Mageia 2:
firefox-10.0.9-1.mga2
firefox-devel-10.0.9-1.mga2
firefox-af-10.0.9-1.mga2
firefox-ar-10.0.9-1.mga2
firefox-ast-10.0.9-1.mga2
firefox-be-10.0.9-1.mga2
firefox-bg-10.0.9-1.mga2
firefox-bn_IN-10.0.9-1.mga2
firefox-bn_BD-10.0.9-1.mga2
firefox-br-10.0.9-1.mga2
firefox-bs-10.0.9-1.mga2
firefox-ca-10.0.9-1.mga2
firefox-cs-10.0.9-1.mga2
firefox-cy-10.0.9-1.mga2
firefox-da-10.0.9-1.mga2
firefox-de-10.0.9-1.mga2
firefox-el-10.0.9-1.mga2
firefox-en_GB-10.0.9-1.mga2
firefox-en_ZA-10.0.9-1.mga2
firefox-eo-10.0.9-1.mga2
firefox-es_AR-10.0.9-1.mga2
firefox-es_CL-10.0.9-1.mga2
firefox-es_ES-10.0.9-1.mga2
firefox-es_MX-10.0.9-1.mga2
firefox-et-10.0.9-1.mga2
firefox-eu-10.0.9-1.mga2
firefox-fa-10.0.9-1.mga2
firefox-fi-10.0.9-1.mga2
firefox-fr-10.0.9-1.mga2
firefox-fy-10.0.9-1.mga2
firefox-ga_IE-10.0.9-1.mga2
firefox-gd-10.0.9-1.mga2
firefox-gl-10.0.9-1.mga2
firefox-gu_IN-10.0.9-1.mga2
firefox-he-10.0.9-1.mga2
firefox-hi-10.0.9-1.mga2
firefox-hr-10.0.9-1.mga2
firefox-hu-10.0.9-1.mga2
firefox-hy-10.0.9-1.mga2
firefox-id-10.0.9-1.mga2
firefox-is-10.0.9-1.mga2
firefox-it-10.0.9-1.mga2
firefox-ja-10.0.9-1.mga2
firefox-kk-10.0.9-1.mga2
firefox-ko-10.0.9-1.mga2
firefox-kn-10.0.9-1.mga2
firefox-ku-10.0.9-1.mga2
firefox-lg-10.0.9-1.mga2
firefox-lt-10.0.9-1.mga2
firefox-lv-10.0.9-1.mga2
firefox-mai-10.0.9-1.mga2
firefox-mk-10.0.9-1.mga2
firefox-ml-10.0.9-1.mga2
firefox-mr-10.0.9-1.mga2
firefox-nb_NO-10.0.9-1.mga2
firefox-nl-10.0.9-1.mga2
firefox-nn_NO-10.0.9-1.mga2
firefox-nso-10.0.9-1.mga2
firefox-or-10.0.9-1.mga2
firefox-pa_IN-10.0.9-1.mga2
firefox-pl-10.0.9-1.mga2
firefox-pt_BR-10.0.9-1.mga2
firefox-pt_PT-10.0.9-1.mga2
firefox-ro-10.0.9-1.mga2
firefox-ru-10.0.9-1.mga2
firefox-si-10.0.9-1.mga2
firefox-sk-10.0.9-1.mga2
firefox-sl-10.0.9-1.mga2
firefox-sq-10.0.9-1.mga2
firefox-sr-10.0.9-1.mga2
firefox-sv_SE-10.0.9-1.mga2
firefox-ta-10.0.9-1.mga2
firefox-ta_LK-10.0.9-1.mga2
firefox-te-10.0.9-1.mga2
firefox-th-10.0.9-1.mga2
firefox-tr-10.0.9-1.mga2
firefox-uk-10.0.9-1.mga2
firefox-vi-10.0.9-1.mga2
firefox-zh_CN-10.0.9-1.mga2
firefox-zh_TW-10.0.9-1.mga2
firefox-zu-10.0.9-1.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4193
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:167
https://bugs.mageia.org/show_bug.cgi?id=7800

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2012-0295&oldid=11739"