backport patches for RC 1.8.1.5 release
Alexander Sack
asac at debian.org
Sun Jul 22 15:32:07 UTC 2007
On Sun, Jul 22, 2007 at 11:43:32AM +0200, Mike Hommey wrote:
> On Sat, Jul 21, 2007 at 09:19:55PM +0200, Mike Hommey <mh at glandium.org> wrote:
> > Dammit, I'll have to build them all again. I overlooked the fact that
> > their stupid configure script silently make the whole thing statically
> > linked against internally provided libpng if the version of the system
> > library is older than the one provided.
>
> New uploads done:
> iceweasel 2.0.0.5-0etch2
> iceape 1.0.10~pre070720-0etch2
> xulrunner 1.8.0.13~pre070720-0etch2.
>
> Note there is at least one missing patch in ~pre070720 releases, for
> https://bugzilla.mozilla.org/show_bug.cgi?id=371858 , that is supposed
> to come in final release.
>
... from what i read in bug, current behaviour is too strict,
e.g. not-granting access to principal that should get who should get
access:
... "So we get a subject principal that's not allowed to touch the
inner window of the error page, an exception gets thrown, and the
error page doesn't work right." - from bug bz#371858 description.
So imo its not really a security issue - which would make sense as
mozilla didn't mark it as such (e.g. see no sg:XXX rating in
whiteboard).
Anyway ... in case you really want that you need to take
https://bugzilla.mozilla.org/show_bug.cgi?id=377090 as well ... which
extends API though.
- Alexander
--
GPG messages preferred. | .''`. ** Debian GNU/Linux **
Alexander Sack | : :' : The universal
asac at debian.org | `. `' Operating System
http://www.asoftsite.org/ | `- http://www.debian.org/
More information about the pkg-mozilla-maintainers
mailing list