CVE-2006-1993: deleted object reference when designMode="on"
Eric Dorland
eric at debian.org
Wed May 3 14:27:08 UTC 2006
* Alexander Sack (asac at debian.org) wrote:
>
> Today Mozilla pushed a mini update for firefox. Though the official
> advisory tells us that 1.0.8 is not affected, we should take it IMO -
> actually upstream has no idea as of why 1.0.8 is not affected. Same for
> mozilla. So better safe than sorry.
>
> Attached the combined patch from #334515, which should apply cleanly
> for us.
>
> The advisory can be found here:
> http://www.mozilla.org/security/announce/2006/mfsa2006-30.html
>
> Eric, you have time to prepare firefox update?
I'll work on it tonight, thanks again for your hard work.
--
Eric Dorland <eric at kuroneko.ca>
ICQ: #61138586, Jabber: hooty at jabber.com
1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+
O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+
G e h! r- y+
------END GEEK CODE BLOCK------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20060503/92153511/attachment.pgp
More information about the pkg-mozilla-maintainers
mailing list