Patch-ID# 119116-35

NOTE:
***********************************************************************
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which may
be viewed at https://support.oracle.com.
***********************************************************************
For further information on patching best practices and resources, please
see the Oracle Technology Network Patching Center:
http://www.oracle.com/technetwork/systems/patches
***********************************************************************
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
***********************************************************************

Keywords: security mozilla jds memory crash roaming gok
Synopsis: Mozilla 1.7_x86 patch
Date: Aug/05/2009

Install Requirements: NA

Solaris Release: 10_x86

SunOS Release: 5.10_x86

Unbundled Product: Mozilla

Unbundled Release: 1.7_x86

Xref: This patch available for SPARC as 119115

Topic: Mozilla 1.7_x86 patch

Relevant Architectures: i386

BugId's fixed with this patch:
5015369 5077554 6177442 6191277 6192644 6200696 6200705 6200990
6200994 6200999 6202289 6211632 6216830 6221725 6224482 6224900
6225441 6228782 6234566 6245856 6247811 6247837 6247838 6247849
6248466 6248468 6248516 6248547 6248548 6248557 6248594 6248613
6249776 6249777 6249778 6249857 6251128 6254398 6255667 6258444
6259266 6259860 6259866 6259873 6259902 6260571 6260573 6261013
6267169 6269887 6271958 6281357 6281360 6282170 6282190 6282893
6284465 6287117 6297174 6297209 6297215 6297218 6297219 6297231
6297242 6317624 6318009 6334587 6334619 6339970 6352958 6360106
6369969 6384953 6391562 6412730 6415123 6415128 6415131 6415133
6415135 6415138 6415142 6415143 6424493 6424545 6424548 6424551
6424560 6424563 6424567 6424568 6424573 6424574 6424577 6424579
6447020 6447021 6447022 6447023 6458750 6458752 6458753 6458754
6458755 6461074 6488248 6499437 6499438 6501194 6508395 6508397
6508398 6508400 6514036 6564240 6565136 6824695

Changes incorporated in this version: 6824695

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

/usr/sfw/include/mozilla/content/nsContentUtils.h
/usr/sfw/include/mozilla/content/nsIEventListenerManager.h
/usr/sfw/include/mozilla/content/nsIPrivateDOMEvent.h
/usr/sfw/include/mozilla/content/nsMutationEvent.h
/usr/sfw/include/mozilla/dom/nsIScriptObjectPrincipal.h
/usr/sfw/include/mozilla/js/js.msg
/usr/sfw/include/mozilla/js/jsapi.h
/usr/sfw/include/mozilla/js/jsarena.h
/usr/sfw/include/mozilla/js/jsarray.h
/usr/sfw/include/mozilla/js/jscntxt.h
/usr/sfw/include/mozilla/js/jsdbgapi.h
/usr/sfw/include/mozilla/js/jsinterp.h
/usr/sfw/include/mozilla/js/jsobj.h
/usr/sfw/include/mozilla/js/jsregexp.h
/usr/sfw/include/mozilla/layout/nsGridLayout2.h
/usr/sfw/include/mozilla/layout/nsIFormControlFrame.h
/usr/sfw/include/mozilla/layout/nsITreeView.h
/usr/sfw/include/mozilla/layout/nsTreeBodyFrame.h
/usr/sfw/include/mozilla/layout/nsTreeContentView.h
/usr/sfw/include/mozilla/nsIWindowWatcher.h
/usr/sfw/include/mozilla/nss/secerr.h
/usr/sfw/include/mozilla/string/nsReadableUtils.h
/usr/sfw/include/mozilla/view/nsIViewObserver.h
/usr/sfw/include/mozilla/webshell/nsILinkHandler.h
/usr/sfw/include/mozilla/widget/nsEvent.h
/usr/sfw/include/mozilla/widget/nsGUIEvent.h
/usr/sfw/include/mozilla/widget/nsIEventListener.h
/usr/sfw/include/mozilla/widget/nsIWidget.h
/usr/sfw/include/mozilla/windowwatcher/nsPIWindowWatcher.h
/usr/sfw/include/mozilla/xpinstall/nsXPITriggerInfo.h
/usr/sfw/lib/mozilla/.sun_moz
/usr/sfw/lib/mozilla/chrome/comm.jar
/usr/sfw/lib/mozilla/chrome/en-US.jar
/usr/sfw/lib/mozilla/chrome/sroaming.jar
/usr/sfw/lib/mozilla/chrome/toolkit.jar
/usr/sfw/lib/mozilla/components/caps.xpt
/usr/sfw/lib/mozilla/components/content_base.xpt
/usr/sfw/lib/mozilla/components/docshell.xpt
/usr/sfw/lib/mozilla/components/dom_events.xpt
/usr/sfw/lib/mozilla/components/libaccessibility.so
/usr/sfw/lib/mozilla/components/libaddrbook.so
/usr/sfw/lib/mozilla/components/libappcomps.so
/usr/sfw/lib/mozilla/components/libcaps.so
/usr/sfw/lib/mozilla/components/libchrome.so
/usr/sfw/lib/mozilla/components/libcomposer.so
/usr/sfw/lib/mozilla/components/libcookie.so
/usr/sfw/lib/mozilla/components/libdocshell.so
/usr/sfw/lib/mozilla/components/libeditor.so
/usr/sfw/lib/mozilla/components/libembedcomponents.so
/usr/sfw/lib/mozilla/components/libgfx_gtk.so
/usr/sfw/lib/mozilla/components/libgfxps.so
/usr/sfw/lib/mozilla/components/libgklayout.so
/usr/sfw/lib/mozilla/components/libgkplugin.so
/usr/sfw/lib/mozilla/components/libhtmlpars.so
/usr/sfw/lib/mozilla/components/libi18n.so
/usr/sfw/lib/mozilla/components/libimglib2.so
/usr/sfw/lib/mozilla/components/libjsd.so
/usr/sfw/lib/mozilla/components/libmailnews.so
/usr/sfw/lib/mozilla/components/libmime.so
/usr/sfw/lib/mozilla/components/libmimeemitter.so
/usr/sfw/lib/mozilla/components/libmsgcompose.so
/usr/sfw/lib/mozilla/components/libnecko.so
/usr/sfw/lib/mozilla/components/libnecko2.so
/usr/sfw/lib/mozilla/components/libnsappshell.so
/usr/sfw/lib/mozilla/components/liboji.so
/usr/sfw/lib/mozilla/components/libpipboot.so
/usr/sfw/lib/mozilla/components/libpipnss.so
/usr/sfw/lib/mozilla/components/libpref.so
/usr/sfw/lib/mozilla/components/librdf.so
/usr/sfw/lib/mozilla/components/libsroaming.so
/usr/sfw/lib/mozilla/components/libtransformiix.so
/usr/sfw/lib/mozilla/components/libtypeaheadfind.so
/usr/sfw/lib/mozilla/components/libuconv.so
/usr/sfw/lib/mozilla/components/libwallet.so
/usr/sfw/lib/mozilla/components/libwebbrwsr.so
/usr/sfw/lib/mozilla/components/libwebsrvcs.so
/usr/sfw/lib/mozilla/components/libwidget_gtk2.so
/usr/sfw/lib/mozilla/components/libxmlextras.so
/usr/sfw/lib/mozilla/components/libxpconnect.so
/usr/sfw/lib/mozilla/components/libxpinstall.so
/usr/sfw/lib/mozilla/components/nsHelperAppDlg.js
/usr/sfw/lib/mozilla/components/search.xpt
/usr/sfw/lib/mozilla/defaults/autoconfig/prefcalls.js
/usr/sfw/lib/mozilla/defaults/profile/US/bookmarks.html
/usr/sfw/lib/mozilla/defaults/profile/bookmarks.html
/usr/sfw/lib/mozilla/greprefs/all.js
/usr/sfw/lib/mozilla/libgkgfx.so
/usr/sfw/lib/mozilla/libjsj.so
/usr/sfw/lib/mozilla/libmozjs.so
/usr/sfw/lib/mozilla/libmsgbaseutil.so
/usr/sfw/lib/mozilla/libnspr4.so
/usr/sfw/lib/mozilla/libnss3.so
/usr/sfw/lib/mozilla/libsmime3.so
/usr/sfw/lib/mozilla/libsoftokn3.so
/usr/sfw/lib/mozilla/libxpcom.so
/usr/sfw/lib/mozilla/mozilla-bin
/usr/sfw/lib/mozilla/regxpcom
/usr/sfw/lib/mozilla/res/forms.css
/usr/sfw/lib/mozilla/run-mozilla.sh
/usr/sfw/share/idl/mozilla/nsIWindowWatcher.idl
/usr/sfw/share/idl/mozilla/nsPIWindowWatcher.idl
/usr/share/applications/mozilla.desktop

Problem Description:

6824695 Mozilla will crash when printing a page

(from 119116-34)

6501194 [MFSA#2006-65] CVE-2006-5748: potential memory corruption in the JavaScript engine

(from 119116-33)

6564240 [MFSA 2007-12] VU#609956 [CVE-2007-2868] JavaScript engine memory corruption

(from 119116-32)

6565136 thunderbird->help->release notes does not respond

(from 119116-31)

6499437 [MFSA#2006-67] Running Script can be recompiled

(from 119116-30)

6458755 [MFSA 2006-55] Mozilla contains multiple memory corruption vulnerabilities

(from 119116-29)

6508397 [MFSA 2006-68] VU#447772 [CVE-2006-6498] JavaScript engine vulnerability

(from 119116-28)

6447023 [MFSA 2006-32] Mozilla contains multiple memory corruption vulnerabilities

(from 119116-27)

6514036 [s10update] menu items to be changed for web browser with addition of Firefox

(from 119116-26)

6508395 [MFSA 2006-68] VU#606260 [CVE-2006-6497] layout engine vulnerability

(from 119116-25)

6458752 [MFSA 2006-50] Mozilla fails to properly handle garbage collection

(from 119116-24)

6508398 [MFSA 2006-68] VU#427972 [CVE-2006-6499] js_dtoa vulnerability

(from 119116-23)

6447022 [MFSA 2006-37] Mozilla may process content-defined setters on object prototypes with elevated privileges
6508400 [MFSA 2006-74] VU#887332 [CVE-2006-6505] mail header buffer overflows

(from 119116-22)

6499438 [MFSA 2006-66] RSA Signature Forgery (variant)
6488248 [MFSA 2006-60] Mozilla(NSS) RSA signature forgery issue

(from 119116-21)

6458754 [MFSA 2006-51] Mozilla products fail to properly validate JavaScript constructors
6458753 [MFSA 2006-50] Mozilla JavaScript engine contains multiple integer overflows
6458750 [MFSA 2006-49] Mozilla products VCard attachment buffer overflow
6447020 [MFSA 2006-43] Mozilla privilege escalation using addSelectionListener
6447021 [MFSA 2006-38] Mozilla contains buffer overflow vulnerability in crypto.signText()
6415123 [MFSA 2006-24] Mozilla crypto.generateCRMFRequest() vulnerability

(from 119116-20)

6424573 [MFSA 2006-10] JavaScript garbage-collection hazard audit (rework)
6391562 APOC adapter not registered as the preference provider
6461074 [s10u3] Mozilla cores on browsing http://www.yahoo.com

(from 119116-19)

6412730 Mozilla: Localstore.rdf XML injection through XULDocument.persist()
6424493 [MFSA 2006-27] table rebuilding code execution vulnerability
6424545 [MFSA 2006-25] privilege escalation through Print Preview
6424548 [MFSA 2006-23] file stealing by changing input type
6415128 [MFSA 2006-22] Mozilla CSS Letter-Spacing vulnerability
6424551 [MFSA 2006-21] JavaScript execution in mail when forwarding in-line
6415143 [MFSA 2006-20] Mozilla DHTML memory corruption vulnerabilities
6424560 [MFSA 2006-19] cross-site scripting using .valueOf.call()
6415138 [MFSA 2006-18] Mozilla tag order memory corruption vulnerability
6424563 [MFSA 2006-17] cross-site scripting through window.controllers
6415131 [MFSA 2006-16] Mozilla XBL binding vulnerability
6415133 [MFSA 2006-15] Mozilla JavaScript cloned parent vulnerability
6415135 [MFSA 2006-14] Mozilla privilege escalation vulnerability via XBL.method.eval
6424567 [MFSA 2006-13] downloading executables with "Save Image As..."
6424568 [MFSA 2006-12] secure-site spoof (requires security warning dialog)
6415142 [MFSA 2006-11] Mozilla CSS, regex,... memory corruption vulnerabilities
6424573 [MFSA 2006-10] JavaScript garbage-collection hazard audit
6424574 [MFSA 2006-09] cross-site JavaScript injection using event handlers
6424577 [MFSA 2006-03] long document title causes startup denial of service
6424579 [MFSA 2006-01] JavaScript garbage-collection hazards

(from 119116-18)

6384953 Mozilla in Solaris should not include "Linux Registration" in default bookmarks

(from 119116-17)

6360106 "Mozilla Public License" & "Netscape Public License" links don't work in Moz1.7 Help->AboutWebBrowser
6369969 Mozilla crash when visiting https://bugzilla.mozilla.org/attachment.cgi?id=180797

(from 119116-16)

6254398 Mozilla triggers too much lazy loading
6352958 Mozilla 1.7 patch 119115-13 breaks "Automatic proxy configuration file"

(from 119116-15)

6249857 leaks introduced by checkin to nsDOMClassInfo.cpp

(from 119116-14)

6339970 [MFSA 2005-59] command-line handling on Linux allows shell execution
6334619 [MFSA 2005-58] Firefox 1.0.7/Mozilla Suite 1.7.12 Vulnerability Fixes
6334587 [MFSA 2005-57] IDN heap overrun using soft-hyphens

(from 119116-13)

6191277 [gnopernicus] starting line of username and password prompt window not read by screen reader
6200696 [GOK] performance with actions of scrollbar is slow
6200705 [GOK] GOK Back button can't work after using Repeat Next for scrollbar
6282893 [Reader] Mozilla will hang when user tries to print the page
6297174 [MFSA 2005-56] code execution through shared function objects
6297242 [MFSA 2005-45] content-generated event vulnerabilities
6317624 Mozilla cores on setting up IMAP mail account or selecting to view sidebar
6318009 cannot open pdf files or run bugster in Mozilla

(from 119116-12)

6297209 [MFSA 2005-55] XHTML node spoofing
6297219 [MFSA 2005-54] JavaScript prompt origin spoofing
6297215 [MFSA 2005-52] same origin violation: frame calling top.focus()
6297218 [MFSA 2005-50] possibly exploitable crash in InstallVersion.compareTo()
6297231 [MFSA 2005-48] same-origin violation with InstallTrigger callback

(from 119116-11)

6287117 horizontal scroll bar hides contents of a textarea
6258444 Mozilla hangs on scripts (e.g. maps.google.com)

(from 119116-10)

5015369 need to have a pref enabled in admin templates for Mozilla and APOC
6251128 user cannot change to any other paper size except A4
6267169 [theme] dropdown menu in new www.sun.com does not cover background when themed
6281360 NISCC vulnerability #891011 (Parsing of Various Image Formats by Web Browsers)
6282170 Mozilla/Mozilla Firefox Frame Injection Vulnerability
6282190 drag image across browser windows --> crash
6284465 table with large rowspans and colspans hangs browser

(from 119116-09)

6261013 content of checkboxes not printing in Mozilla 1.7 but it is in Mozilla 1.4
6281357 crash when apply method is called on String.prototype.match
6271958 users with large amounts of mail folders with sub-folders cannot see all folders

(from 119116-08)

6269887 [MFSA 2005-42] code execution via JavaScript: IconURL

(from 119116-07)

6248548 [community security] MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
6259266 [MFSA 2005-41] privilege escalation via DOM property overrides
6259902 [MFSA 2005-40] missing Install object instance checks
6260573 [MFSA 2005-38] search plugin cross-site scripting
6259860 [MFSA 2005-37] code execution through JavaScript: favicons
6259866 [MFSA 2005-36] cross-site Scripting through global scope pollution
6260571 [MFSA 2005-35] showing blocked JavaScript: popup uses wrong privilege context
6259873 [MFSA 2005-33] JavaScript "lambda" replace exposes memory contents
6249776 [MFSA 2005-32] drag and drop gestures can be hijacked to load privileged xul

(from 119116-06)

6255667 triple click required for drop down menu. This happens in application: Apollo.

(from 119116-05)

6247849 [community security] MFSA 2005-30 GIF heap overflow parsing Netscape extension
6248594 [community security] MFSA 2005-28 unsafe /tmp/plugtmp directory exploitable to erase user's files
6247811 [community security] MFSA 2005-27 plugins can be used to load privileged content
6247837 [community security] MFSA 2005-26 cross-site scripting by dropping JavaScript: link on tab
6247838 [community security] MFSA 2005-24 HTTP auth prompt tab spoofing
6248547 [community security] MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
6248468 [community security] MFSA 2005-18 memory overwrite in string library
6248466 [community security] MFSA 2005-15 heap overflow possible in UTF8 to Unicode conversion
6248557 [community security] MFSA 2005-14 SSL "secure site" indicator spoofing
6248516 [community security] MFSA 2005-13 Window Injection Spoofing
6248613 [MFSA 2005-22] "Save Link As" Download Dialog spoofing Vulnerability
6249777 [MFSA 2005-23] download dialog source spoofing
6249778 [MFSA 2005-17] install source spoofing with user:pass@host

(from 119116-04)

6245856 Mozilla just drops core on startup

(from 119116-03)

6221725 [keyboard] Ctrl+Shift+Home/End doesn't work while caret browsing
6211632 [keyboard] pressing Ctrl+Backspace twice in an RTL textarea crashes browser
6192644 [keyboard] Ctrl+Home can't work in www.yahoo.com and www.mozilla.org
6200999 "user preference" roaming item does not take effect
6200994 need to restart Mozilla to make "Window settings" roaming item take effect
5077554 roaming "File/Copy" will destroy user's profile
6200990 need to restart Mozilla to make "cookie permission" roaming item take effect
6202289 need to restart Mozilla to make "cookies" roaming item take effect
6224482 in file/copy mode, when conflict happens, no server/client time and size info in conflict UI
6225441 warning dialog should NOT pop up when starts up Mozilla Roaming profile
6228782 cannot print content of text fields
6216830 Mozilla URL bar failing to emit selection change events (Gnopernicus isn't speaking them)
6224900 partial commit erase remaining preedit strings in Mozilla on Solaris 10
6234566 Mozilla still sets LD_LIBRARY_PATH

(from 119116-02)

6221725 [keyboard] Ctrl+Shift+Home/End doesn't work while caret browsing
6211632 [keyboard] pressing Ctrl+Backspace twice in an RTL textarea crashes browser
6192644 [keyboard] Ctrl+Home can't work in www.yahoo.com and www.mozilla.org
6200999 "user preference" roaming item does not take effect
6200994 need to restart Mozilla to make "Window settings" roaming item take effect
5077554 roaming "File/Copy" will destroy user's profile
6200990 need to restart Mozilla to make "cookie permission" roaming item take effect
6202289 need to restart Mozilla to make "cookies" roaming item take effect
6224482 in file/copy mode, when conflict happens, no server/client time and size info in conflict UI
6225441 warning dialog should NOT pop up when starts up the Mozilla Roaming profile

(from 119116-01)

6177442 Mozilla 1.4 grows very large with JavaScript and Java applet that rewrites page

Patch Installation Instructions:
--------------------------------

Please refer to the man pages for instructions on using 'patchadd' and
'patchrm' scripts provided with Solaris.

The following example installs a patch to a standalone machine:

       example# patchadd /var/spool/patch/123456-07

The following example removes a patch from a standalone system:

       example# patchrm 123456-07

For additional examples please see the appropriate man pages. Any other
special or non-generic installation instructions should be described below
as special instructions.

Special Install Instructions:
-----------------------------

NOTE 1: To see Internationalized Domain Names (IDN) in your native
        language, type about:config in the location field, scroll down
        to network.IDN_show_punycode, and change its value from the
        default of true to false.

NOTE 2: After applying the patch, log out and log in again for the
        patch to take effect.

README -- Last modified date: Monday, September 8, 2014