Import new and fix import of fixed_in.

2014-09-19 22:43:59 -04:00 · 2014-09-19 22:43:59 -04:00 · a3a4097247
--- a/announce/2010/mfsa2010-07.md
+++ b/announce/2010/mfsa2010-07.md
@ -49,4 +49,4 @@ under Vista or Windows 7 and using SSPI authentication.</p>



-</ul>
+</ul>
--- a/announce/2011/mfsa2011-18.md
+++ b/announce/2011/mfsa2011-18.md
@ -2,6 +2,8 @@
 announced: April 28, 2011
 fixed_in:
 - Firefox 4.0.1
+- Firefox 3.6.17
+- Firefox 3.5.19
 - SeaMonkey 2.0.14
 impact: Low
 reporter: Chris Evans
--- a/announce/2012/mfsa2012-01.md
+++ b/announce/2012/mfsa2012-01.md
@ -1,6 +1,7 @@
 ---
 announced: January 31, 2012
 fixed_in:
+- Firefox 10.0
 - Firefox 3.6.26
 - Thunderbird 10.0
 - Thunderbird 3.1.18
--- a/announce/2014/mfsa2014-48.md
+++ b/announce/2014/mfsa2014-48.md
@ -12,7 +12,7 @@ title: Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)

 <h3>Description</h3>

-<p>Mozilla developers and community identified identified and fixed several
+<p>Mozilla developers and community identified and fixed several
 memory safety bugs in the browser engine used in Firefox and other Mozilla-based
 products. Some of these bugs showed evidence of memory corruption under certain
 circumstances, and we presume that with enough effort at least some of these
--- a/announce/2014/mfsa2014-57.md
+++ b/announce/2014/mfsa2014-57.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 impact: High
 reporter: Atte Kettunen
--- a/announce/2014/mfsa2014-58.md
+++ b/announce/2014/mfsa2014-58.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 impact: High
 reporter: Atte Kettunen
--- a/announce/2014/mfsa2014-59.md
+++ b/announce/2014/mfsa2014-59.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 - Firefox ESR 24.7
 - Thunderbird 24.7
--- a/announce/2014/mfsa2014-61.md
+++ b/announce/2014/mfsa2014-61.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 - Firefox ESR 24.7
 - Thunderbird 24.7
--- a/announce/2014/mfsa2014-62.md
+++ b/announce/2014/mfsa2014-62.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 - Firefox ESR 24.7
 - Thunderbird 24.7
--- a/announce/2014/mfsa2014-63.md
+++ b/announce/2014/mfsa2014-63.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 - Firefox ESR 24.7
 - Thunderbird 24.7
--- a/announce/2014/mfsa2014-64.md
+++ b/announce/2014/mfsa2014-64.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 - Firefox ESR 24.7
 - Thunderbird 24.7
--- a/announce/2014/mfsa2014-65.md
+++ b/announce/2014/mfsa2014-65.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 impact: Moderate
 reporter: Christian Holler
--- a/announce/2014/mfsa2014-66.md
+++ b/announce/2014/mfsa2014-66.md
@ -1,6 +1,7 @@
 ---
 announced: July 22, 2014
 fixed_in:
+- Firefox 31
 - Thunderbird 31
 impact: Moderate
 reporter: Boris Zbarsky
--- a/announce/2014/mfsa2014-67.md
+++ b/announce/2014/mfsa2014-67.md
@ -0,0 +1,56 @@
+---
+announced: September 2, 2014
+fixed_in:
+- Firefox 32
+- Firefox ESR 24.8
+- Firefox ESR 31.1
+- Thunderbird 31.1
+- Thunderbird 24.8
+impact: Critical
+reporter: Mozilla Developers
+title: Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)
+---
+
+<h3>Description</h3>
+
+<p>Mozilla developers and community identified and fixed several
+memory safety bugs in the browser engine used in Firefox and other Mozilla-based
+products. Some of these bugs showed evidence of memory corruption under certain
+circumstances, and we presume that with enough effort at least some of these
+could be exploited to run arbitrary code.</p>
+
+<p class="note">In general these flaws cannot be exploited through email in the
+Thunderbird product because scripting is disabled, but are potentially a risk in
+browser or browser-like contexts.</p>
+
+<h3>References</h3>
+
+<p>Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7,
+ESR 31 and Firefox 31.</p>
+
+<ul>
+  <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1054359">
+          Memory safety bugs fixed in Firefox ESR 24.8, Firefox ESR 31.1 and
+Firefox 32.</a> (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562" class="ex-ref">CVE-2014-1562</a>)</li>
+</ul>
+
+<p>Christian Holler, Jan de Mooij, Karl Tomlinson, Randell Jesup, Gary Kwong,
+Jesse Ruderman, and JW Wang reported memory safety problems and crashes that
+affect Firefox ESR 31 and Firefox 31.</p>
+
+<ul>
+  <li><a href="https://bugzilla.mozilla.org/buglist.cgi?bug_id=1037666,1041148,995075,&#10;1022945,1027359,1035007,1033121">
+          Memory safety bugs fixed in Firefox ESR 31.1 and Firefox 32.</a> (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1553" class="ex-ref">CVE-2014-1553</a>)</li>
+</ul>
+
+<p>Gary Kwong, Christian Holler, and David Weir reported memory safety problems
+and crashes that affect Firefox 31.</p>
+
+<ul>
+  <li><a href="https://bugzilla.mozilla.org/buglist.cgi?bug_id=995704,990247,1004480,&#10;1016519">
+          Memory safety bugs fixed in Firefox 32.</a> (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1554" class="ex-ref">CVE-2014-1554</a>)</li>
+</ul>
+
+
+
+
--- a/announce/2014/mfsa2014-68.md
+++ b/announce/2014/mfsa2014-68.md
@ -0,0 +1,33 @@
+---
+announced: September 2, 2014
+fixed_in:
+- Firefox 32
+- Firefox ESR 31.1
+- Thunderbird 31.1
+impact: Critical
+reporter: Abhishek Arya
+title: Use-after-free during DOM interactions with SVG
+---
+
+<h3>Description</h3>
+
+<p>Security researcher <strong>Abhishek Arya</strong> (Inferno) of the Google
+Chrome Security Team used the Address Sanitizer tool to discover a
+use-after-free during cycle collection. This was found in interactions with the
+SVG content through the document object model (DOM) with animating SVG content.
+This leads to a potentially exploitable crash.
+</p>
+
+<p class="note">In general this flaw cannot be exploited through email in the
+Thunderbird product because scripting is disabled, but is potentially a risk in
+browser or browser-like contexts.</p>
+
+<h3>References</h3>
+
+<ul>
+  <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1018524">
+       Heap-use-after-free in mozilla::DOMSVGLength::GetTearOff</a> (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1563" class="ex-ref">CVE-2014-1563</a>)</li>
+</ul>
+
+
+
--- a/announce/2014/mfsa2014-69.md
+++ b/announce/2014/mfsa2014-69.md
@ -0,0 +1,30 @@
+---
+announced: September 2, 2014
+fixed_in:
+- Firefox 32
+- Firefox ESR 31.1
+- Thunderbird 31.1
+impact: High
+reporter: Michal Zalewski
+title: Uninitialized memory use during GIF rendering
+---
+
+<h3>Description</h3>
+
+<p>Google security researcher <strong>Michal Zalewski</strong> discovered that
+when a malformated GIF image is rendered in certain circumstances, memory is not
+properly initialized before use. The resulting image then uses this memory
+during rendering. This could allow for the a script in web content to access
+this unitialized memory using the <code>&lt;canvas&gt;</code> feature. 
+</p>
+
+<h3>References</h3>
+
+<ul>
+  <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1045977">
+       Apparent info leak caused by uninitialized memory with malformed GIFs</a>
+(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1564" class="ex-ref">CVE-2014-1564</a>)</li>
+</ul>
+
+
+
--- a/announce/2014/mfsa2014-70.md
+++ b/announce/2014/mfsa2014-70.md
@ -0,0 +1,31 @@
+---
+announced: September 2, 2014
+fixed_in:
+- Firefox 32
+- Firefox ESR 31.1
+- Thunderbird 31.1
+impact: Moderate
+reporter: Holger Fuhrmannek
+title: Out-of-bounds read in Web Audio audio timeline
+---
+
+<h3>Description</h3>
+
+<p>Security researcher <strong>Holger Fuhrmannek</strong> discovered an
+out-of-bounds read during the creation of an audio timeline in Web Audio. This
+results in a crash and could allow for the reading of random memory values. 
+</p>
+
+<p class="note">In general this flaw cannot be exploited through email in the
+Thunderbird product because web audio is disabled, but is potentially a risk in
+browser or browser-like contexts.</p>
+
+<h3>References</h3>
+
+<ul>
+  <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1047831">
+       Out-of-bounds Read in mozilla::dom::AudioEventTimeline</a> (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1565" class="ex-ref">CVE-2014-1565</a>)</li>
+</ul>
+
+
+
--- a/announce/2014/mfsa2014-71.md
+++ b/announce/2014/mfsa2014-71.md
@ -0,0 +1,35 @@
+---
+announced: September 2, 2014
+fixed_in:
+- Firefox 32
+- Firefox 31.1
+impact: High
+reporter: Yu Dongsong
+title: 'Profile directory file access through file: protocol'
+---
+
+<h3>Description</h3>
+
+<p>Security researcher <strong>Yu Dongsong</strong> reported on Firefox for
+Android that a <code>file:</code> protocol hyperlink could link to a local file
+in the Firefox profile directory, bypassing access restrictions. This issue was
+previously addressed in <a href="https://www.mozilla.org/security/announce/2014/mfsa2014-33.html">Mozilla
+Foundation Security Advisory 2014-33</a> but not completely.</p>
+
+<p>This problem allows for profile data, such as cookies, to be copied to the SD
+card without prompting to the use. This SD card location is world readable
+leading to a potential information disclosure of files in the Firefox profile
+through a malicious application.
+</p>
+
+<p class="note">This issue only affects Firefox for Android.</p>
+
+<h3>References</h3>
+
+<ul>
+  <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1050690">
+        Download arbitrary files to SD card</a> (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1566" class="ex-ref">CVE-2014-1566</a>)</li>
+</ul>
+
+
+
--- a/announce/2014/mfsa2014-72.md
+++ b/announce/2014/mfsa2014-72.md
@ -0,0 +1,35 @@
+---
+announced: September 2, 2014
+fixed_in:
+- Firefox 32
+- Firefox ESR 24.8
+- Firefox ESR 31.1
+- Thunderbird 31.1
+- Thunderbird 24.8
+impact: Critical
+reporter: regenrecht
+title: Use-after-free setting text directionality
+---
+
+<h3>Description</h3>
+
+<p>Security researcher <strong>regenrecht</strong> reported, via TippingPoint's
+Zero Day Initiative, a use-after-free during text layout when interacting with
+the setting of text direction. This results in a use-after-free which can lead
+to arbitrary code execution. 
+</p>
+
+<p class="note">In general this flaw cannot be exploited through email in the
+Thunderbird product because scripting is disabled, but is potentially a risk in
+browser or browser-like contexts.</p>
+
+<h3>References</h3>
+
+<ul>
+  <li><a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1037641">
+       Mozilla Firefox DirectionalityUtils Use-After-Free Remote Code Execution
+Vulnerability</a> (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567" class="ex-ref">CVE-2014-1567</a>)</li>
+</ul>
+
+
+
--- a/import_html.py
+++ b/import_html.py
@ -59,8 +59,10 @@ def extract_metadata(doc):
                metadata[curr_key][-1] += text
        elif hasattr(el, 'tag'):
            if el.tag == 'span':
-                key = slugify(unicode(el.text))
-                if key and not key.startswith('&'):
+                key = el.text
+                if key:
+                    key = slugify(unicode(key))
+                if key and not key == curr_key and not key.startswith('&'):
                    metadata[key] = ['']
                    curr_key = key
                else:
@ -78,6 +80,10 @@ def extract_metadata(doc):
        del metadata['products']
    except KeyError:
        pass
+    try:
+        del metadata['product']
+    except KeyError:
+        pass

    # reduce all but specific keys to single entries
    for k, v in metadata.iteritems():