FS#5892 : security issue in Firefox

FS#5892 - security issue in Firefox

Attached to Project: Arch Linux
Opened by Roman Kyrylych (Romashka) - Saturday, 25 November 2006, 14:53 GMT

Task Type	Bug Report
Category	Packages: Current
Status	Closed
Assigned To	Jan de Groot (JGC)
Architecture	not specified
Severity	Critical
Priority	Normal
Reported Version	0.7.2 Gimmick
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Firefox has serious security issue with form autofilling that allow phishing.

http://bbs.archlinux.org/viewtopic.php?p=210593
https://bugzilla.mozilla.org/show_bug.cgi?id=360493

This task depends upon

Closed by Jan de Groot (JGC)
Tuesday, 27 March 2007, 15:45 GMT
Reason for closing: Fixed

Comment by Roman Kyrylych (Romashka) - Friday, 09 February 2007, 16:28 GMT

As can be seen from mainstream bugreport there is a fix in development versions already.
Can it be applied to 2.0.1 now?

Comment by Roman Kyrylych (Romashka) - Friday, 09 February 2007, 21:33 GMT

Also related: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0802

Comment by Andreas Radke (AndyRTR) - Wednesday, 07 March 2007, 06:15 GMT

https://bugzilla.mozilla.org/show_bug.cgi?id=360493 this was an upstream bug.
we usually don't bring them up here as long as you do not request for adding a known fix.

the issue has been marked as solved. FF 2.0.0.2 release should have it fixed.

JGC - wanna close this bug?

Comment by Roman Kyrylych (Romashka) - Wednesday, 07 March 2007, 08:33 GMT

Yes this is mainstream bug but also a big security issue, so I created this bug report in hope to get some patch applied (from CVS or other place).
As some reports say - 2.0.0.2 didn't fix it properly. So I don't know. Feel free to close it if there's no better fix available.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#5892 - security issue in Firefox

Details

Loading...