Bug 256195 (sbb?)

Security Bug Bounty: nominated

RESOLVED WORKSFORME

Status

()

defect
RESOLVED WORKSFORME
15 years ago
7 months ago

People

(Reporter: dveditz, Assigned: dveditz)

Tracking

(Depends on 1 bug, {meta, sec-other})

Trunk
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [sg:nse] meta)

Meta bug to track security bug bounty nominations. Once decided they should be
moved to either the Awarded or Rejected tracking bugs.
Whiteboard: [sg:meta]
Alias: sbb?
Depends on: 245066
Depends on: 255067
Depends on: 249004
Status: NEW → ASSIGNED
Depends on: 256316
Depends on: 257314
Depends on: 258005
Depends on: 258173
Initial bug bounty awards:

Marcel Boesch, for bug 249004

Gaël Delalleau, two for bug 245066 and bug 255067

Mats Palmgren and Gaël Delalleau split one for bug 250900 (trunk) and bug 256316
(1.7/aviary branch)

Georgi Guninski, two for bug 257314 and bug 258005
No longer depends on: 245066, 249004, 255067, 256316, 257314, 258005
Blocks: sbb+, sbb-
Bug 258173 is not a remote exploit, a bounty will not be awarded.
No longer blocks: sbb+, sbb-
No longer depends on: 258173
bug 259403 requires Java, does not qualify for bug bounty.
Depends on: 260140
Depends on: 260560
Depends on: 259708
No longer depends on: 259708
Depends on: 264388
Depends on: 266140
Depends on: 272381
No longer depends on: 272381
Depends on: 273419
Depends on: 273116
No longer depends on: 273419
Depends on: punycode
Depends on: 279945
Depends on: 280664
Depends on: 258048
Depends on: 268820
Depends on: 280056
Depends on: 288556
Depends on: 288732
No longer depends on: 288732
Depends on: 290324
Depends on: 290162
Depends on: 289675
Depends on: 290079
Depends on: 290908
Depends on: 290949
No longer depends on: 260560
No longer depends on: 279945
No longer depends on: 280056
No longer depends on: 280664
Michael Krax was awarded five bounties: firespoofing (bug 260560), firedragging
(bug 279945), firetabbing (bug 280056), fireflashing (bug 280664) and
firescrolling2 (bug 288164).
bug 268820 is a duplicate of bug 265668
Depends on: 265668
No longer depends on: 268820
Depends on: 290982
Depends on: 292691
Depends on: 292499
Depends on: 291745
Depends on: 291314
No longer depends on: 289074
Catching up on Firefox 1.0.2 and 1.0.3 era Bounties awarded.
Depends on: 291640
Depends on: 291651
Depends on: 292624
Depends on: 292737
Depends on: 292789
Depends on: 292937
Depends on: 293424
Depends on: 293527
Depends on: 295011
Depends on: 292591
Depends on: 291150
Depends on: 294795
Depends on: 294074
No longer depends on: 273116
No longer depends on: punycode
Depends on: 295854
Depends on: 296704
Depends on: 299450
Depends on: 293331
Depends on: 305335
Depends on: 307259
Depends on: 304754
Depends on: 311025
Depends on: 311403
Depends on: 311455
Depends on: 311962
Depends on: 311024
Depends on: 311792
Depends on: 311497
Depends on: 313370
Depends on: 313630
Depends on: 313684
Tom Ferris awarded a bounty for bug 307259
No longer depends on: 307259
Depends on: 313366
Depends on: 314865
Depends on: 313763
Depends on: 306261
Depends on: 296514
heatsync asked me about https://bugzilla.mozilla.org/show_bug.cgi?id=315004
Depends on: 315004
Whiteboard: [sg:meta] → [sg:nse] meta
Depends on: 317380
Depends on: 331334
Depends on: 334977
Depends on: 338288
Depends on: 338804
Depends on: 340198
Depends on: 340107
Depends on: 344759
Dan, 
if bug 340198 qualifies for a bounty, then so do bug 240261 and bug 308244 IMO.
They're all duplicates of one another, unrecongized as such (until now) 
because they are all marked security sensitive.
This is the "nominated" list, doesn't mean we're awarding anything yet.

But in fact 340198 isn't a pure duplicate, it combines the behavior described in those older spoofing bugs with the software update system to describe a different blended attack. Also bug 340198 could be solved in ways that don't require solving those other bugs, such as by shipping with the "one true cert" for update.
Depends on: 338523
Depends on: 355655
Depends on: 374570
This bug isn't being used anymore
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → WORKSFORME
Group: javascript-core-security
Group: javascript-core-security
Keywords: sec-other
Group: core-security → core-security-release
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.