← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

Candidate: CVE-2008-5024
PublicDate: 2008-11-13
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5024
 http://www.ubuntu.com/usn/usn-667-1
 http://www.ubuntu.com/usn/usn-668-1
Description:
 Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird
 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape
 quote characters used for XML processing, which allows remote attackers to
 conduct XML injection attacks via the default namespace in an E4X document.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to: asac

Patches_firefox:
upstream_firefox: released (2.0.0.18)
dapper_firefox: released (1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1)
gutsy_firefox: released (2.0.0.18+nobinonly-0ubuntu0.7.10)
hardy_firefox: released (2.0.0.18+nobinonly-0ubuntu0.8.04.1)
intrepid_firefox: DNE
devel_firefox: DNE

Patches_firefox-3.0:
upstream_firefox-3.0: needs-triage
dapper_firefox-3.0: DNE
gutsy_firefox-3.0: needed (reached end-of-life)
hardy_firefox-3.0: released (3.0.4+nobinonly-0ubuntu0.8.04.1)
intrepid_firefox-3.0: released (3.0.4+nobinonly-0ubuntu0.8.10.1)
devel_firefox-3.0: released (3.0.4+nobinonly-0ubuntu2)

Patches_iceweasel:
upstream_iceweasel: needs-triage
dapper_iceweasel: DNE
gutsy_iceweasel: DNE
hardy_iceweasel: DNE
intrepid_iceweasel: DNE
devel_iceweasel: DNE


Patches_xulrunner:
upstream_xulrunner: needs-triage
dapper_xulrunner: DNE
gutsy_xulrunner: released (1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1)
hardy_xulrunner: released (1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1)
intrepid_xulrunner: released (1.8.1.16+nobinonly-0ubuntu1)
devel_xulrunner: released (1.8.1.16+nobinonly-0ubuntu1)

Patches_xulrunner-1.9:
upstream_xulrunner-1.9: released (1.9.0.4)
dapper_xulrunner-1.9: DNE
gutsy_xulrunner-1.9: needed (reached end-of-life)
hardy_xulrunner-1.9: released (1.9.0.4+nobinonly-0ubuntu0.8.04.1)
intrepid_xulrunner-1.9: released (1.9.0.4+nobinonly-0ubuntu0.8.10.1)
devel_xulrunner-1.9: released (1.9.0.4+nobinonly-0ubuntu1)


Patches_seamonkey:
upstream_seamonkey: released (1.1.13)
dapper_seamonkey: DNE
gutsy_seamonkey: DNE
hardy_seamonkey: released (1.1.15+nobinonly-0ubuntu0.8.04.2)
intrepid_seamonkey: released (1.1.15+nobinonly-0ubuntu0.8.10.2)
devel_seamonkey: released (1.1.13+nobinonly-0ubuntu1)

Patches_iceape:
upstream_iceape: released (1.1.13)
dapper_iceape: DNE
gutsy_iceape: needed (reached end-of-life)
hardy_iceape: DNE
intrepid_iceape: DNE
devel_iceape: DNE


Patches_thunderbird:
upstream_thunderbird: released (2.0.0.18)
dapper_thunderbird: DNE
gutsy_thunderbird: released (2.0.0.18+nobinonly-0ubuntu0.7.10.1)
hardy_thunderbird: released (2.0.0.18+nobinonly-0ubuntu0.8.04.1)
intrepid_thunderbird: released (2.0.0.18+nobinonly-0ubuntu0.8.10.1)
devel_thunderbird: released (2.0.0.18+nobinonly-0ubuntu1)

Patches_mozilla-thunderbird:
upstream_mozilla-thunderbird: needs-triage
dapper_mozilla-thunderbird: released (1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.1)
gutsy_mozilla-thunderbird: DNE
hardy_mozilla-thunderbird: DNE
intrepid_mozilla-thunderbird: DNE
devel_mozilla-thunderbird: DNE

Patches_icedove:
upstream_icedove: needs-triage
dapper_icedove: DNE
gutsy_icedove: DNE
hardy_icedove: DNE
intrepid_icedove: DNE
devel_icedove: DNE