Patch-ID# 119115-16

NOTE:
***********************************************************************
READ THE TERMS OF THE AGREEMENT ("AGREEMENT") IN THE LEGAL_LICENSE.TXT
FILE CAREFULLY BEFORE USING THIS SOFTWARE. BY USING THE SOFTWARE,
YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE
TO ALL OF THE TERMS, PROMPTLY DESTROY THE UNUSED SOFTWARE.
***********************************************************************

Keywords: security mozilla jds memory crash roaming gok
Synopsis: Mozilla 1.7 patch
Date: Jan/30/2006

Install Requirements: NA

Solaris Release: 10

SunOS Release: 5.10

Unbundled Product: Mozilla

Unbundled Release: 1.7

Xref: This patch available for x86 as 119116

Topic:

Relevant Architectures: sparc

BugId's fixed with this patch: 5015369 5077554 6177442 6191277 6192644 6200696 6200705 6200990 6200994 6200999 6202289 6211632 6216830 6221725 6224482 6224900 6225441 6228782 6234566 6245856 6247811 6247837 6247838 6247849 6248466 6248468 6248516 6248547 6248548 6248557 6248594 6248613 6249776 6249777 6249778 6249857 6251128 6254398 6255667 6258444 6259266 6259860 6259866 6259873 6259902 6260571 6260573 6261013 6267169 6269887 6271958 6281357 6281360 6282170 6282190 6282893 6284465 6287117 6297174 6297209 6297215 6297218 6297219 6297231 6297242 6317624 6318009 6334587 6334619 6339970 6352958

Changes incorporated in this version: 6254398 6352958

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/sfw/include/mozilla/content/nsContentUtils.h
/usr/sfw/include/mozilla/content/nsIEventListenerManager.h
/usr/sfw/include/mozilla/content/nsIPrivateDOMEvent.h
/usr/sfw/include/mozilla/content/nsMutationEvent.h
/usr/sfw/include/mozilla/dom/nsIScriptObjectPrincipal.h
/usr/sfw/include/mozilla/js/jsapi.h
/usr/sfw/include/mozilla/js/jsdbgapi.h
/usr/sfw/include/mozilla/js/jsinterp.h
/usr/sfw/include/mozilla/layout/nsIFormControlFrame.h
/usr/sfw/include/mozilla/nsIWindowWatcher.h
/usr/sfw/include/mozilla/view/nsIViewObserver.h
/usr/sfw/include/mozilla/webshell/nsILinkHandler.h
/usr/sfw/include/mozilla/widget/nsEvent.h
/usr/sfw/include/mozilla/widget/nsGUIEvent.h
/usr/sfw/include/mozilla/widget/nsIEventListener.h
/usr/sfw/include/mozilla/widget/nsIWidget.h
/usr/sfw/include/mozilla/windowwatcher/nsPIWindowWatcher.h
/usr/sfw/include/mozilla/xpinstall/nsXPITriggerInfo.h
/usr/sfw/lib/mozilla/.sun_moz
/usr/sfw/lib/mozilla/chrome/comm.jar
/usr/sfw/lib/mozilla/chrome/en-US.jar
/usr/sfw/lib/mozilla/chrome/sroaming.jar
/usr/sfw/lib/mozilla/chrome/toolkit.jar
/usr/sfw/lib/mozilla/components/caps.xpt
/usr/sfw/lib/mozilla/components/content_base.xpt
/usr/sfw/lib/mozilla/components/docshell.xpt
/usr/sfw/lib/mozilla/components/dom_events.xpt
/usr/sfw/lib/mozilla/components/libaccessibility.so
/usr/sfw/lib/mozilla/components/libappcomps.so
/usr/sfw/lib/mozilla/components/libcaps.so
/usr/sfw/lib/mozilla/components/libchrome.so
/usr/sfw/lib/mozilla/components/libcomposer.so
/usr/sfw/lib/mozilla/components/libcookie.so
/usr/sfw/lib/mozilla/components/libdocshell.so
/usr/sfw/lib/mozilla/components/libeditor.so
/usr/sfw/lib/mozilla/components/libembedcomponents.so
/usr/sfw/lib/mozilla/components/libgfx_gtk.so
/usr/sfw/lib/mozilla/components/libgfxps.so
/usr/sfw/lib/mozilla/components/libgklayout.so
/usr/sfw/lib/mozilla/components/libgkplugin.so
/usr/sfw/lib/mozilla/components/libimglib2.so
/usr/sfw/lib/mozilla/components/libjsd.so
/usr/sfw/lib/mozilla/components/libmailnews.so
/usr/sfw/lib/mozilla/components/libmsgcompose.so
/usr/sfw/lib/mozilla/components/libnecko.so
/usr/sfw/lib/mozilla/components/libnecko2.so
/usr/sfw/lib/mozilla/components/libnsappshell.so
/usr/sfw/lib/mozilla/components/liboji.so
/usr/sfw/lib/mozilla/components/libpipboot.so
/usr/sfw/lib/mozilla/components/libpipnss.so
/usr/sfw/lib/mozilla/components/libpref.so
/usr/sfw/lib/mozilla/components/librdf.so
/usr/sfw/lib/mozilla/components/libsroaming.so
/usr/sfw/lib/mozilla/components/libtransformiix.so
/usr/sfw/lib/mozilla/components/libtypeaheadfind.so
/usr/sfw/lib/mozilla/components/libwebbrwsr.so
/usr/sfw/lib/mozilla/components/libwebsrvcs.so
/usr/sfw/lib/mozilla/components/libwidget_gtk2.so
/usr/sfw/lib/mozilla/components/libxmlextras.so
/usr/sfw/lib/mozilla/components/libxpconnect.so
/usr/sfw/lib/mozilla/components/libxpinstall.so
/usr/sfw/lib/mozilla/components/nsHelperAppDlg.js
/usr/sfw/lib/mozilla/components/search.xpt
/usr/sfw/lib/mozilla/defaults/autoconfig/prefcalls.js
/usr/sfw/lib/mozilla/greprefs/all.js
/usr/sfw/lib/mozilla/libjsj.so
/usr/sfw/lib/mozilla/libmozjs.so
/usr/sfw/lib/mozilla/libmsgbaseutil.so
/usr/sfw/lib/mozilla/libnspr4.so
/usr/sfw/lib/mozilla/libxpcom.so
/usr/sfw/lib/mozilla/mozilla-bin
/usr/sfw/lib/mozilla/regxpcom
/usr/sfw/lib/mozilla/res/forms.css
/usr/sfw/lib/mozilla/run-mozilla.sh
/usr/sfw/share/idl/mozilla/nsIWindowWatcher.idl
/usr/sfw/share/idl/mozilla/nsPIWindowWatcher.idl

Problem Description:

6254398:mozilla triggers too much lazy loading
6352958:Mozilla 1.7 patch 119115-13 breaks "Automatic proxy configuration file"

(from 119115-15)
6249857 Leaks introduced by checkin to nsDOMClassInfo.cpp

(from 119115-14)
6334587 [MFSA 2005-57] IDN heap overrun using soft-hyphens
6334619 [MFSA 2005-58] Firefox 1.0.7 / Mozilla Suite 1.7.12 Vulnerability Fixes
6339970 [MFSA 2005-59] Command-line handling on Linux allows shell execution

(from 119115-13)
6191277 [gnopernicus] Starting line of username and password prompt window is not read by screen reader
6200696 [GOK] Performance with actions of scrollbar is slow.
6200705 [GOK] GOK Back button can't work after using Repeat Next for scrollbar
6282893 [Reader] Mozilla will hang when user tries to print the page.
6297174 [MFSA 2005-56] Code execution through shared function objects
6297242 [MFSA 2005-45] Content-generated event vulnerabilities
6317624 Mozilla cores on setting up IMAP mail account or selecting to view sidebar
6318009 Cannot open pdf files or run bugster in mozilla

(from 119115-12)
6297209 [MFSA 2005-55] XHTML node spoofing
6297215 [MFSA 2005-52] Same origin violation: frame calling top.focus()
6297218 [MFSA 2005-50] Possibly exploitable crash in InstallVersion.compareTo()
6297219 [MFSA 2005-54] Javascript prompt origin spoofing
6297231 [MFSA 2005-48] Same-origin violation with InstallTrigger callback

(from 119115-11)
6287117 Horizontal scroll bar hides the contents of a textarea
6258444 mozilla hangs on scripts (e.g. maps.google.com)

(from 119115-10)
5015369 Need to have a pref enabled in the admin templates for Mozilla and APOC
6251128 User cannot change to any other paper size except A4
6267169 [theme] The dropdown menu in new www.sun.com does not cover the background when thread
6281360 NISCC vulnerability #891011 (Parsing of Various Image Formats by Web Browsers)
6282170 Mozilla / Mozilla Firefox Frame Injection Vulnerability
6282190 Drag image across browser windows --> crash
6284465 Table with large rowspans and colspans hangs the browser

(from 119115-09)
6261013 Content of checkboxes are not printing in Mozilla 1.7 but it is in Mozilla 1.4.
6281357 Crash when apply method is called on String.prototype.match
6271958 Users that have large amounts of mail folders with sub-folders can not see all the folders

(from 119115-08)
6269887 [MFSA 2005-42] Code execution via javascript: IconURL

(from 119115-07)
6248548 [community security] MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
6249776 [MFSA 2005-32] Drag and drop gestures can be hijacked to load privileged xul
6259266 [MFSA 2005-41] Privilege escalation via DOM property overrides
6259860 [MFSA 2005-37] Code execution through javascript: favicons
6259866 [MFSA 2005-36] Cross-site Scripting through global scope pollution
6259873 [MFSA 2005-33] Javascript "lambda" replace exposes memory contents
6259902 [MFSA 2005-40] Missing Install object instance checks
6260571 [MFSA 2005-35] Showing blocked javascript: popup uses wrong privilege context
6260573 [MFSA 2005-38] Search plugin cross-site scripting

(from 119115-06)
6255667 Triple click required for drop down menu. This happens in application: Apollo.

(from 119115-05)
6247811 [community security] MFSA 2005-27 Plugins can be used to load privileged content
6247837 [community security] MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
6247838 [community security] MFSA 2005-24 HTTP auth prompt tab spoofing
6247849 [community security] MFSA 2005-30 GIF heap overflow parsing Netscape extension
6248466 [community security] MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
6248468 [community security] MFSA 2005-18 Memory overwrite in string library
6248516 [community security] MFSA 2005-13 Window Injection Spoofing
6248547 [community security] MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
6248557 [community security] MFSA 2005-14 SSL "secure site" indicator spoofing
6248594 [community security] MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
6248613 [MFSA 2005-22] "Save Link As" Download Dialog spoofing Vulnerability.
6249777 [MFSA 2005-23] Download dialog source spoofing
6249778 [MFSA 2005-17] Install source spoofing with user:pass@host

(from 119115-04)
6245856 mozilla just drops core on startup

(from 119115-03)
6221725 [keyboard] Ctrl+Shift+Home/End doesn't work while caret browsing
6211632 [keyboard] Pressing Ctrl+Backspace twice in an RTL textarea crashes the browser
6192644 [keyboard] Ctrl+Home can't work in www.yahoo.com and www.mozilla.org.
6200999 "user preference" roaming item does not take effect
6200994 Need restart mozilla to make the "Window settings" roaming item take effect
5077554 Roaming "File/Copy" will destroy user's profile
6200990 Need restart mozilla to make the "cookie permission" roaming item take effect
6202289 Need restart Mozilla to make "cookies" roaming item take effect
6224482 in file/copy mode, when conflict happens, no server/client time and size info in conflict UI
6225441 The warning dialog should NOT pop up when starts up the Mozilla Roaming profile
6228782 Cannot print content of text fields
6216830 Mozilla URL bar failing to emit selection change events (at least, Gnopernicus isn't speaking them)
6224900 partial commit erase remaining preedit strings in Mozilla on Solaris 10
6234566 mozilla still sets LD_LIBRARY_PATH

(from 119115-02)
6221725 [keyboard] Ctrl+Shift+Home/End doesn't work while caret browsing
6211632 [keyboard] Pressing Ctrl+Backspace twice in an RTL textarea crashes the browser
6192644 [keyboard] Ctrl+Home can't work in www.yahoo.com and www.mozilla.org.
6200999 "user preference" roaming item does not take effect
6200994 Need restart mozilla to make the "Window settings" roaming item take effect
5077554 Roaming "File/Copy" will destroy user's profile
6200990 Need restart mozilla to make the "cookie permission" roaming item take effect
6202289 Need restart Mozilla to make "cookies" roaming item take effect
6224482 in file/copy mode, when conflict happens, no server/client time and size info in conflict UI
6225441 The warning dialog should NOT pop up when starts up the Mozilla Roaming profile

(from 119115-01)
6177442 Mozilla 1.4 grows very large with javascript and java applet that rewrites page

Patch Installation Instructions:
--------------------------------

For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.

For Solaris 7-10 releases, refer to the man pages for instructions
on using the 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions.

The following example installs a patch to a standalone machine:

       example# patchadd /var/spool/patch/104945-02

The following example removes a patch from a standalone system:

       example# patchrm 104945-02

For additional examples please see the appropriate man pages.

Special Install Instructions:
-----------------------------

To see Internationalized Domain Names (IDN) in your native language,
type about:config in the location field, scroll down to
network.IDN_show_punycode and change its value from the default
of true to false.

README -- Last modified date: Monday, January 30, 2006