Latest firefox vulnerability
Eric Dorland
eric at debian.org
Wed Jun 7 00:03:59 UTC 2006
* Moritz Muehlenhoff (jmm at inutil.org) wrote:
> Alexander Sack wrote:
> > On Tue, Jun 06, 2006 at 11:45:56PM +0200, Moritz Muehlenhoff wrote:
> > > Michael Stone wrote:
> > > > Has anyone started looking into the latest set of vulnerabilities (the
> > > > firefox 1.5.0.4 set)?
> > >
> > > Is it actually sanely backportable to Sarge? I remember having read about
> > > API incompatibilities for Firefox extensions.
> >
> > Uploading 1.5.x should be the last option to consider. IMO, its not an option
> > at all for debian stable. Backporting to 1.0.x branch looks doable for most
> > issues, but definitely will take some time.
>
> Do you have access to all Bugzilla entries or are you extracting this from
> the interdiff?
He's likely looking at the cvs commits, which give a bit more
granularity than interdiff.
Didn't someone on the stable security team tell me they had access to
the secured bugs in the mozilla bugzilla? Has any distro released a
security fix for this? We definitely shouldn't be above borrowing
their work.
--
Eric Dorland <eric at kuroneko.ca>
ICQ: #61138586, Jabber: hooty at jabber.com
1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+
O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+
G e h! r- y+
------END GEEK CODE BLOCK------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20060606/7c59f79d/attachment.pgp
More information about the pkg-mozilla-maintainers
mailing list