mozilla security updated (proposed) needs testing.

Alexander Sack asac at debian.org
Sat Jun 17 12:16:34 UTC 2006 

Please, test the mozilla suite I just uploaded (2:1.7.8-1sarge7). Keep your
eyes open regressions and especially if it breaks any dependents or extensions.

You can grab it from here:

  http://people.debian.org/~asac/security/


The changes are:

 mozilla (2:1.7.8-1sarge7) stable-security; urgency=critical
   - added mozilla 1.7.14 patches in debian/patches that fix various
     security issues:
     + CVE-2006-2787     : 1_0001-mfsa2006-31-319263-336601-336313.txt
     + CVE-2006-2786 1/2 : 1_0002-mfsa2006-33-Part-1-2-329746.txt
     + CVE-2006-2786 2/2 : 1_0003-mfsa2006-33-Part-2-2-330214.txt
     + CVE-2006-2785 2/2 : 1_0004-mfsa2006-34-Part2-2-329521-suite.txt
     + CVE-2006-2775     : 1_0005-mfsa2006-35-329677.txt
     + CVE-2006-2784     : 1_0006-mfsa2006-36-330037.txt
     + CVE-2006-2776     : 1_0007-mfsa2006-37-330773-with-belt-and-braces.txt
     + CVE-2006-2778     : 1_0008-mfsa2006-38-330897.txt
     + CVE-2006-1942     : 1_0009-mfsa2006-39-CVE-2006-1942-334341-suite.txt
     + CVE-2006-2781     : 1_0010-mfsa2006-40-334384.txt
     + CVE-2006-2782     : 1_0011-mfsa2006-41-334977.txt
     + CVE-2006-2783     : 1_0012-mfsa2006-42-335816.txt
     + CVE-2006-2777     : 1_0013-mfsa2006-43-336830.txt
     + CVE-2006-2779 3/6 : 1_0014-mfsa2006-32-Part-3-7-326501.txt
     + CVE-2006-2779 4/6 : 1_0015-mfsa2006-32-Part-4a-7-326931.txt
     + CVE-2006-2785 2/2 : 1_0015-mfsa2006-34-Part-1-2-xpfe-329468-suite.txt
     + CVE-2006-2779 4/6 : 1_0016-mfsa2006-32-Part-4b-7-329219.txt
     + CVE-2006-2779 4/6 : 1_0017-mfsa2006-32-Part-4c-7-330818-proper-aviary.txt
     + CVE-2006-2779 6/6 : 1_0018-mfsa2006-32-Part-6-7-332971.txt
     + CVE-2006-2780     : 1_0019-js-src-jsstr.c-335535-mfsa2006-32-Part-7-7.txt
     + CVE-2006-2779 5/6 : 1_0021-mfsa2006-32-Part-5-7-327712.txt
   - Note: CVE-2006-2779 (mfsa2006-32) is only partially fixed. Missing are
     tricky parts 1/6 and 2/6 from advisory:
      1/6: Removing nested <option>s from a select (Jesse Ruderman)
        https://bugzilla.mozilla.org/show_bug.cgi?id=324918
      2/Crashes during DOMNodeRemoved mutation 
        https://bugzilla.mozilla.org/show_bug.cgi?id=325730
        https://bugzilla.mozilla.org/show_bug.cgi?id=329982event6: 


 - Alexander

-- 
 GPG messages preferred.   |  .''`.  ** Debian GNU/Linux **
 Alexander Sack            | : :' :      The  universal
 asac at jwsdot.com           | `. `'      Operating System
 http://www.asoftsite.org  |   `-    http://www.debian.org

More information about the pkg-mozilla-maintainers mailing list