Issue 106816 - fix CVE-2009-1563 in Mozilla code shipped with
Summary: fix CVE-2009-1563 in Mozilla code shipped with
Alias: None
Product: Base
Classification: Application
Component: code (show other issues)
Version: DEV300m4
Hardware: Sun All
: P3 Trivial (vote)
Target Milestone: OOo 3.2
Assignee: Frank Schönheit
QA Contact: issues@dba
Depends on:
Blocks: 99999
  Show dependency tree
Reported: 2009-11-11 12:40 UTC by Frank Schönheit
Modified: 2017-05-20 10:20 UTC (History)
3 users (show)

See Also:
Issue Type: DEFECT
Latest Confirmation in: ---
Developer Difficulty: ---


Note You need to log in before you can comment on or make changes to this issue.
Description Frank Schönheit 2009-11-11 12:40:47 UTC
The recently disclosed CVE-2009-1563
( needs to be fixed
in the upcoming 3.2 release, which ships with nspr4 lib,
containing the flawed code.
Comment 1 malte_timmermann 2009-11-12 10:20:44 UTC
Just for clarification: We think that OOo is not affected by this issue, so this
issue is only here because we don't want to continue shipping a vulnerable
version of nspr
Comment 2 Frank Schönheit 2009-11-17 11:55:08 UTC
fixed in CWS dba32j

find more information about this CWS, like when it is available in the master
builds, in EIS, the Environment Information System:
Comment 3 Frank Schönheit 2009-11-25 07:32:47 UTC