Bug#570743: xulrunner: info disclosures
Delirium
delirium at hackish.org
Sun Apr 11 11:36:45 UTC 2010
clone 570743 -1
retitle 570743 xulrunner: CVE-2010-0654 cross-origin CSS data theft
retitle -1 xulrunner: CVE-2010-0648 redirect target leak
forwarded 570743 https://bugzilla.mozilla.org/show_bug.cgi?id=524223
thanks
The first of these, CVE-2010-0654, is fixed in upstream trunk (future
1.9.3.x). A more hackish fix looks like it'll appear in one of the next
releases of 1.9.2.x, possibly 1.9.2.4.
Splitting off CVE-2010-0648 into a separate bug, which I don't know
anything about.
-Mark
More information about the pkg-mozilla-maintainers
mailing list