Bug#670586: iceweasel:[regression 3.5.16-13 > 14] JavaScript SIGSEGV
Mike Hommey
mh at glandium.org
Fri May 11 07:10:24 UTC 2012
On Thu, May 10, 2012 at 08:34:21PM +0100, Steven Chamberlain wrote:
> Hi Mike,
>
> Are we sure that iceweasel 3.5.x needed this security fix in the first
> place? Any ideas which issue bug #732951 referred to and if it was
> exploitable here?
>
> The CVE's only refer to versions 4.x through 11.x (I guess because those
> are the maintained ones, though).
So, after a more thorough analysis, it turns out while the bug addressed
in that CVE exists in 3.5, it has less dramatic consequences. It will
"only" lead to a SEGV_ACCERR segmentation fault, instead of doing a
buffer overflow.
I'll thus back this patch out and upload a fixed version.
Mike
More information about the pkg-mozilla-maintainers
mailing list