Nome do pacote
firefox
Data
2013-10-31
ID Alerta
MDVSA-2013:264
Versões afetadas
MES5 i586 , MES5 x86_64

Descrição do problema

Multiple security issues was identified and fixed in mozilla firefox:

Mozilla developers identified and fixed several memory safety
bugs in the browser engine used in Firefox and other Mozilla-based
products. Some of these bugs showed evidence of memory corruption
under certain circumstances, and we presume that with enough effort
at least some of these could be exploited to run arbitrary code
(CVE-2013-5590, CVE-2013-1739).

Security researcher Abhishek Arya (Inferno) of the Google Chrome
Security Team used the Address Sanitizer tool to discover an access
violation due to uninitialized data during Extensible Stylesheet
Language Transformation (XSLT) processing. This leads to a potentially
exploitable crash (CVE-2013-5604).

Compiler Engineer Dan Gohman of Google discovered a flaw in the
JavaScript engine where memory was being incorrectly allocated for
some functions and the calls for allocations were not always properly
checked for overflow, leading to potential buffer overflows. When
combined with other vulnerabilities, these flaws could be potentially
exploitable (CVE-2013-5595).

Security researcher Byoungyoung Lee of Georgia Tech Information
Security Center (GTISC) used the Address Sanitizer tool to discover a
use-after-free during state change events while updating the offline
cache. This leads to a potentially exploitable crash (CVE-2013-5597).

Security researcher Nils used the Address Sanitizer tool while fuzzing
to discover missing strong references in browsing engine leading to
use-after-frees. This can lead to a potentially exploitable crash
(CVE-2013-5599, CVE-2013-5600, CVE-2013-5601).

Security researcher Nils used the Address Sanitizer tool while
fuzzing to discover a memory corruption issue with the JavaScript
engine when using workers with direct proxies. This results in a
potentially exploitable crash (CVE-2013-5602).

The mozilla firefox packages has been upgraded to the latest ESR
version (17.0.10) which is unaffected by these security flaws.

Pacotes atualizados

MES5 i586

 8b356e130758f978370f428ab2e0c9e6  mes5/i586/firefox-17.0.10-0.1mdvmes5.2.i586.rpm
 13bfdc82c6560ec8291f17547f0b7ad7  mes5/i586/firefox-af-17.0.10-0.1mdvmes5.2.i586.rpm
 52c98bf583bab3cca680c1e194852927  mes5/i586/firefox-ar-17.0.10-0.1mdvmes5.2.i586.rpm
 8000a5c9f46aec97414b605650cbfa71  mes5/i586/firefox-be-17.0.10-0.1mdvmes5.2.i586.rpm
 04bb3211bd383b98de4306b5e71f50b8  mes5/i586/firefox-bg-17.0.10-0.1mdvmes5.2.i586.rpm
 31fd5d9e16377dca18197967410f6d14  mes5/i586/firefox-bn-17.0.10-0.1mdvmes5.2.i586.rpm
 a8ae246d035c6c849a0d9e6bdd3d3843  mes5/i586/firefox-ca-17.0.10-0.1mdvmes5.2.i586.rpm
 187b634db3e73a47e995f692e592c914  mes5/i586/firefox-cs-17.0.10-0.1mdvmes5.2.i586.rpm
 eac4850fbf8486a0cdac4929bbf0f2cc  mes5/i586/firefox-cy-17.0.10-0.1mdvmes5.2.i586.rpm
 178c2c70f37189571d2dd900883fa9da  mes5/i586/firefox-da-17.0.10-0.1mdvmes5.2.i586.rpm
 71ee7af84a704c9c4225388165464e70  mes5/i586/firefox-de-17.0.10-0.1mdvmes5.2.i586.rpm
 252e23dc91c6bf651488e74bb16ba272  mes5/i586/firefox-devel-17.0.10-0.1mdvmes5.2.i586.rpm
 232410e951d51ec6f77d66daa5ec7b3d  mes5/i586/firefox-el-17.0.10-0.1mdvmes5.2.i586.rpm
 884a4de30ab44ee92072ffee7e9c69c6  mes5/i586/firefox-en_GB-17.0.10-0.1mdvmes5.2.i586.rpm
 094d22d091dc24ddbff3b0306f607bd9  mes5/i586/firefox-eo-17.0.10-0.1mdvmes5.2.i586.rpm
 f7e615b84d1a59185f28a82a806ce9d9  mes5/i586/firefox-es_AR-17.0.10-0.1mdvmes5.2.i586.rpm
 e898f0c130575b72480c3a63fde9f1d0  mes5/i586/firefox-es_ES-17.0.10-0.1mdvmes5.2.i586.rpm
 af217e0800bd2c3ad1d64e7fa4b21601  mes5/i586/firefox-et-17.0.10-0.1mdvmes5.2.i586.rpm
 36adc8857a73bf72beb0834348aa183b  mes5/i586/firefox-eu-17.0.10-0.1mdvmes5.2.i586.rpm
 b694746dad146a53ab31893b7d20fc75  mes5/i586/firefox-fi-17.0.10-0.1mdvmes5.2.i586.rpm
 fb7fe381a0d04a7dd48b93b46866e99f  mes5/i586/firefox-fr-17.0.10-0.1mdvmes5.2.i586.rpm
 b76c8ae1103e7fec6795eb10cc9c7761  mes5/i586/firefox-fy-17.0.10-0.1mdvmes5.2.i586.rpm
 0d2d0a60884f4df496dda419934ba950  mes5/i586/firefox-ga_IE-17.0.10-0.1mdvmes5.2.i586.rpm
 a87a58b8b7697acdc83cdef41a7c2f74  mes5/i586/firefox-gl-17.0.10-0.1mdvmes5.2.i586.rpm
 cb015e833121104c77fe68e3f7a5721a  mes5/i586/firefox-gu_IN-17.0.10-0.1mdvmes5.2.i586.rpm
 0bc9180d1883b3a569158a8ed7feaa20  mes5/i586/firefox-he-17.0.10-0.1mdvmes5.2.i586.rpm
 412f8b70cbc6100d1eb78d6ce9994159  mes5/i586/firefox-hi-17.0.10-0.1mdvmes5.2.i586.rpm
 24e54aec4ab27e9638e9f071b4787d3f  mes5/i586/firefox-hu-17.0.10-0.1mdvmes5.2.i586.rpm
 b8a4496f70fcbf8ccb782e5f7cda6299  mes5/i586/firefox-id-17.0.10-0.1mdvmes5.2.i586.rpm
 e4a7a7945a59bc3c0006935293c465f4  mes5/i586/firefox-is-17.0.10-0.1mdvmes5.2.i586.rpm
 a608010e73611fa11c4d767ff82c4848  mes5/i586/firefox-it-17.0.10-0.1mdvmes5.2.i586.rpm
 b6a7ba424401cf14a7b304b0a0bc08b5  mes5/i586/firefox-ja-17.0.10-0.1mdvmes5.2.i586.rpm
 82dc853059e49217e9f2944a915d677c  mes5/i586/firefox-kn-17.0.10-0.1mdvmes5.2.i586.rpm
 211690acd24fb7676dc7b23bfaafc965  mes5/i586/firefox-ko-17.0.10-0.1mdvmes5.2.i586.rpm
 fbecb166e04bf7f39a459cdae523e9f3  mes5/i586/firefox-ku-17.0.10-0.1mdvmes5.2.i586.rpm
 25401e8ccda6ee95f120f14903304ee3  mes5/i586/firefox-lt-17.0.10-0.1mdvmes5.2.i586.rpm
 7bc6d9e7713afd06a386e092166e186a  mes5/i586/firefox-lv-17.0.10-0.1mdvmes5.2.i586.rpm
 489b4ec4365fcec5e2afee0dc1279c52  mes5/i586/firefox-mk-17.0.10-0.1mdvmes5.2.i586.rpm
 6929dbbacb22f92cf45ac0300fd8bd08  mes5/i586/firefox-mr-17.0.10-0.1mdvmes5.2.i586.rpm
 f28d40da695164cb1fd0e44015d36168  mes5/i586/firefox-nb_NO-17.0.10-0.1mdvmes5.2.i586.rpm
 65466d2e9989fcf990953809ff466cac  mes5/i586/firefox-nl-17.0.10-0.1mdvmes5.2.i586.rpm
 2d8bb0abac2eb5a41017ba863e1e0bc5  mes5/i586/firefox-nn_NO-17.0.10-0.1mdvmes5.2.i586.rpm
 56f74f78d17d25363c9789890a2b3df8  mes5/i586/firefox-pa_IN-17.0.10-0.1mdvmes5.2.i586.rpm
 9f442f39300f2c70852ede990b54b0e5  mes5/i586/firefox-pl-17.0.10-0.1mdvmes5.2.i586.rpm
 cd968c691bcdcd3f7500d9f8676d88d7  mes5/i586/firefox-pt_BR-17.0.10-0.1mdvmes5.2.i586.rpm
 3e6eefadeb0d70ef38a855b256d529a4  mes5/i586/firefox-pt_PT-17.0.10-0.1mdvmes5.2.i586.rpm
 a7dcc111b6fd2c15785282c20e70f204  mes5/i586/firefox-ro-17.0.10-0.1mdvmes5.2.i586.rpm
 709f1bd009e36868ef4f5c0501d210c2  mes5/i586/firefox-ru-17.0.10-0.1mdvmes5.2.i586.rpm
 fd17129830b3ad5f09b6aad3d975b5da  mes5/i586/firefox-si-17.0.10-0.1mdvmes5.2.i586.rpm
 2557e138231f5fd90bbbc060ba0340e3  mes5/i586/firefox-sk-17.0.10-0.1mdvmes5.2.i586.rpm
 3c283d3edc24021b358681fd8b57d40c  mes5/i586/firefox-sl-17.0.10-0.1mdvmes5.2.i586.rpm
 eb63f5d7e62e2fa6f65ec6b62347e27a  mes5/i586/firefox-sq-17.0.10-0.1mdvmes5.2.i586.rpm
 bbb2ce3913f6f82187fb820e5344e5a6  mes5/i586/firefox-sr-17.0.10-0.1mdvmes5.2.i586.rpm
 1767f5f0f747a31868954db05bec0686  mes5/i586/firefox-sv_SE-17.0.10-0.1mdvmes5.2.i586.rpm
 a0aaf8d5ec43f45d2da2caec22faca14  mes5/i586/firefox-te-17.0.10-0.1mdvmes5.2.i586.rpm
 995b6d8642c91749c693dc80331dae0a  mes5/i586/firefox-th-17.0.10-0.1mdvmes5.2.i586.rpm
 275d886a3abde957822655d530cbcfd7  mes5/i586/firefox-tr-17.0.10-0.1mdvmes5.2.i586.rpm
 e28070bcba0a7d81985953f8d6a61ec6  mes5/i586/firefox-uk-17.0.10-0.1mdvmes5.2.i586.rpm
 725dfac0aea8467fd5b95006796c560f  mes5/i586/firefox-zh_CN-17.0.10-0.1mdvmes5.2.i586.rpm
 57e61dc1bb3be887434769b050f53842  mes5/i586/firefox-zh_TW-17.0.10-0.1mdvmes5.2.i586.rpm
 59ca4e3f3adb88e23298c637a011d5f1  mes5/i586/icedtea-web-1.3.2-0.7mdvmes5.2.i586.rpm
 5d2a06871552960c58fe488f6eb79ae1  mes5/i586/icedtea-web-javadoc-1.3.2-0.7mdvmes5.2.i586.rpm
 1905cc2912a1d13eb33fc6e07def0ac6  mes5/i586/libxulrunner17.0.10-17.0.10-0.1mdvmes5.2.i586.rpm
 6e4efb0a912c54a42d7bff7999265414  mes5/i586/libxulrunner-devel-17.0.10-0.1mdvmes5.2.i586.rpm
 2e1d3e2914fd148d18ed016631c67324  mes5/i586/xulrunner-17.0.10-0.1mdvmes5.2.i586.rpm 
 f010083d4f25ae7a1e6352c5be41234e  mes5/SRPMS/firefox-17.0.10-0.1mdvmes5.2.src.rpm
 f2c93094e48fb76b925987e62f7a87b0  mes5/SRPMS/firefox-l10n-17.0.10-0.1mdvmes5.2.src.rpm
 6ffcc2721a55b0807243179c2bbb61b3  mes5/SRPMS/icedtea-web-1.3.2-0.7mdvmes5.2.src.rpm
 248cfd9a988cfce5b97314819f02323a  mes5/SRPMS/xulrunner-17.0.10-0.1mdvmes5.2.src.rpm

MES5 x86_64

 a936706edca3f91c6e1d87b1f765e87a  mes5/x86_64/firefox-17.0.10-0.1mdvmes5.2.x86_64.rpm
 b43add5001e7fe85e4445c6ef115cc8a  mes5/x86_64/firefox-af-17.0.10-0.1mdvmes5.2.x86_64.rpm
 4be509690181388cb9a619579b7b45e2  mes5/x86_64/firefox-ar-17.0.10-0.1mdvmes5.2.x86_64.rpm
 24336c44a39ce684fb5bb3050cfaa82f  mes5/x86_64/firefox-be-17.0.10-0.1mdvmes5.2.x86_64.rpm
 6019d51a644e90b69232ced5625c4009  mes5/x86_64/firefox-bg-17.0.10-0.1mdvmes5.2.x86_64.rpm
 88a17c461936a9e22d0a5e52e844b0a5  mes5/x86_64/firefox-bn-17.0.10-0.1mdvmes5.2.x86_64.rpm
 d03b93c8abf190afaa88f956dac5c597  mes5/x86_64/firefox-ca-17.0.10-0.1mdvmes5.2.x86_64.rpm
 3ea4f25d2301eac734ccafd4a1c47a8d  mes5/x86_64/firefox-cs-17.0.10-0.1mdvmes5.2.x86_64.rpm
 444fc6c49f41039da150b505a3cf9a61  mes5/x86_64/firefox-cy-17.0.10-0.1mdvmes5.2.x86_64.rpm
 9a7568880e77ef098086acc8c6131f64  mes5/x86_64/firefox-da-17.0.10-0.1mdvmes5.2.x86_64.rpm
 59d3d4571135f9fe49cf36449056a83e  mes5/x86_64/firefox-de-17.0.10-0.1mdvmes5.2.x86_64.rpm
 fc49c7709530115795820913dd000ccb  mes5/x86_64/firefox-devel-17.0.10-0.1mdvmes5.2.x86_64.rpm
 b8aa7bcad966ffff172b08fcc03d66c6  mes5/x86_64/firefox-el-17.0.10-0.1mdvmes5.2.x86_64.rpm
 c288c4a88daaa32d94f332ce0b738306  mes5/x86_64/firefox-en_GB-17.0.10-0.1mdvmes5.2.x86_64.rpm
 398bf0b06f2571dfb938c8426331cba6  mes5/x86_64/firefox-eo-17.0.10-0.1mdvmes5.2.x86_64.rpm
 96c5921d731574d883f5a5b87f8131f2  mes5/x86_64/firefox-es_AR-17.0.10-0.1mdvmes5.2.x86_64.rpm
 69d7a12bb7859c8a567555b09a635ac1  mes5/x86_64/firefox-es_ES-17.0.10-0.1mdvmes5.2.x86_64.rpm
 427c4f5ef9e2d5798c00a472290c2536  mes5/x86_64/firefox-et-17.0.10-0.1mdvmes5.2.x86_64.rpm
 168cbe068acc879fe95b99e541b2058f  mes5/x86_64/firefox-eu-17.0.10-0.1mdvmes5.2.x86_64.rpm
 5bb03fec3845f0c0812a62912064c861  mes5/x86_64/firefox-fi-17.0.10-0.1mdvmes5.2.x86_64.rpm
 6ce8480c4036bc5be643b96ebe5eaf41  mes5/x86_64/firefox-fr-17.0.10-0.1mdvmes5.2.x86_64.rpm
 efe58623966e1d3e38d1bdd44f9453ba  mes5/x86_64/firefox-fy-17.0.10-0.1mdvmes5.2.x86_64.rpm
 6bc614747b6bae9efa0f49d72bf52817  mes5/x86_64/firefox-ga_IE-17.0.10-0.1mdvmes5.2.x86_64.rpm
 60c3a511ba0ca0f6817d55cddcd19312  mes5/x86_64/firefox-gl-17.0.10-0.1mdvmes5.2.x86_64.rpm
 60b02a11ca5a29197c16375159b3b893  mes5/x86_64/firefox-gu_IN-17.0.10-0.1mdvmes5.2.x86_64.rpm
 0b316bdab7e76d0cc6142cf339dec875  mes5/x86_64/firefox-he-17.0.10-0.1mdvmes5.2.x86_64.rpm
 26960aade1ca8d0de55ff5fe0263c46d  mes5/x86_64/firefox-hi-17.0.10-0.1mdvmes5.2.x86_64.rpm
 04982b195a068b37e854239fcbe49149  mes5/x86_64/firefox-hu-17.0.10-0.1mdvmes5.2.x86_64.rpm
 20ff0bf32bb3a507ef5664bb6f7e46af  mes5/x86_64/firefox-id-17.0.10-0.1mdvmes5.2.x86_64.rpm
 67b8bb270880f7287bfdf17d8d329b57  mes5/x86_64/firefox-is-17.0.10-0.1mdvmes5.2.x86_64.rpm
 9a3fca28060bf69f6305625baea8c633  mes5/x86_64/firefox-it-17.0.10-0.1mdvmes5.2.x86_64.rpm
 00139d5fa5ef94f9b9bfd95b666a49de  mes5/x86_64/firefox-ja-17.0.10-0.1mdvmes5.2.x86_64.rpm
 9170fedc0051e53d995d11330bb8148d  mes5/x86_64/firefox-kn-17.0.10-0.1mdvmes5.2.x86_64.rpm
 b93e25706e81921d97dcc25589e4cee7  mes5/x86_64/firefox-ko-17.0.10-0.1mdvmes5.2.x86_64.rpm
 f1d233637cd8694d2c1981e5e3f7cdcb  mes5/x86_64/firefox-ku-17.0.10-0.1mdvmes5.2.x86_64.rpm
 c88da586a66eb6eab2f7292bf2a4cc7e  mes5/x86_64/firefox-lt-17.0.10-0.1mdvmes5.2.x86_64.rpm
 49222a5c13f08689fdac8cfdfbc5bfaa  mes5/x86_64/firefox-lv-17.0.10-0.1mdvmes5.2.x86_64.rpm
 7cc6914e08762d251ceba3a3e248f95f  mes5/x86_64/firefox-mk-17.0.10-0.1mdvmes5.2.x86_64.rpm
 62ced4fc56d17efd1f70857d24956c5d  mes5/x86_64/firefox-mr-17.0.10-0.1mdvmes5.2.x86_64.rpm
 90281f0c29088db3bbf8af47c5563270  mes5/x86_64/firefox-nb_NO-17.0.10-0.1mdvmes5.2.x86_64.rpm
 db36ccef935d0b83548d3b8e4ce5226d  mes5/x86_64/firefox-nl-17.0.10-0.1mdvmes5.2.x86_64.rpm
 d7eb1d81afa297b447ae7a03fcabb380  mes5/x86_64/firefox-nn_NO-17.0.10-0.1mdvmes5.2.x86_64.rpm
 39a8229920426912b15b8a5d8eea8c8a  mes5/x86_64/firefox-pa_IN-17.0.10-0.1mdvmes5.2.x86_64.rpm
 83d4ae612cf79a975449ed1f452aa2b3  mes5/x86_64/firefox-pl-17.0.10-0.1mdvmes5.2.x86_64.rpm
 e2faec0786d46f363343becb607a43d9  mes5/x86_64/firefox-pt_BR-17.0.10-0.1mdvmes5.2.x86_64.rpm
 6a7fcc88beafd4b89aebc125305bcb99  mes5/x86_64/firefox-pt_PT-17.0.10-0.1mdvmes5.2.x86_64.rpm
 da21ed9fe5124b8eef7089dd7dbf37e6  mes5/x86_64/firefox-ro-17.0.10-0.1mdvmes5.2.x86_64.rpm
 88fd300819489ed6e420070762c754dc  mes5/x86_64/firefox-ru-17.0.10-0.1mdvmes5.2.x86_64.rpm
 8a5a8908b18a2ad8fcedf64d10d84f34  mes5/x86_64/firefox-si-17.0.10-0.1mdvmes5.2.x86_64.rpm
 e1b8b7e0ed72d1966fdb2a552b282593  mes5/x86_64/firefox-sk-17.0.10-0.1mdvmes5.2.x86_64.rpm
 0619a38d18f93130016373120a96b8f6  mes5/x86_64/firefox-sl-17.0.10-0.1mdvmes5.2.x86_64.rpm
 7b881326d8e9a4d2c5836d54667f4599  mes5/x86_64/firefox-sq-17.0.10-0.1mdvmes5.2.x86_64.rpm
 e77c80e85018a0f75cdc9b2761217845  mes5/x86_64/firefox-sr-17.0.10-0.1mdvmes5.2.x86_64.rpm
 03e5f6f09ae0c54c9aaee9a6995b487a  mes5/x86_64/firefox-sv_SE-17.0.10-0.1mdvmes5.2.x86_64.rpm
 5b2b2ff30bbeca187f0db710bf209fca  mes5/x86_64/firefox-te-17.0.10-0.1mdvmes5.2.x86_64.rpm
 17ec39d11ea1bc0cf147e4fefb37c467  mes5/x86_64/firefox-th-17.0.10-0.1mdvmes5.2.x86_64.rpm
 9a431702384437a986512e1d9ec255e6  mes5/x86_64/firefox-tr-17.0.10-0.1mdvmes5.2.x86_64.rpm
 e959547daef17450e7cef3c396251e79  mes5/x86_64/firefox-uk-17.0.10-0.1mdvmes5.2.x86_64.rpm
 fa4781fbd15693aa5ec2d774016a94fa  mes5/x86_64/firefox-zh_CN-17.0.10-0.1mdvmes5.2.x86_64.rpm
 cc2067967600878b4359ed2136939ead  mes5/x86_64/firefox-zh_TW-17.0.10-0.1mdvmes5.2.x86_64.rpm
 fda8ad820ce31af9e1f428b3a92b6bb0  mes5/x86_64/icedtea-web-1.3.2-0.7mdvmes5.2.x86_64.rpm
 b85fbfd36e3445bf5682254d96d3ceb1  mes5/x86_64/icedtea-web-javadoc-1.3.2-0.7mdvmes5.2.x86_64.rpm
 bee8cb6a95486f8efe330a0c0a92e5de  mes5/x86_64/lib64xulrunner17.0.10-17.0.10-0.1mdvmes5.2.x86_64.rpm
 81b83933f3e707e05ef468049a5aebea  mes5/x86_64/lib64xulrunner-devel-17.0.10-0.1mdvmes5.2.x86_64.rpm
 f071f05fc450197bb59e2fd284004d5d  mes5/x86_64/xulrunner-17.0.10-0.1mdvmes5.2.x86_64.rpm 
 f010083d4f25ae7a1e6352c5be41234e  mes5/SRPMS/firefox-17.0.10-0.1mdvmes5.2.src.rpm
 f2c93094e48fb76b925987e62f7a87b0  mes5/SRPMS/firefox-l10n-17.0.10-0.1mdvmes5.2.src.rpm
 6ffcc2721a55b0807243179c2bbb61b3  mes5/SRPMS/icedtea-web-1.3.2-0.7mdvmes5.2.src.rpm
 248cfd9a988cfce5b97314819f02323a  mes5/SRPMS/xulrunner-17.0.10-0.1mdvmes5.2.src.rpm

Referências