CVE-2006-1993: deleted object reference when designMode="on"
Alexander Sack
asac at debian.org
Wed May 3 11:37:43 UTC 2006
On Wed, May 03, 2006 at 11:34:29AM +0200, Alexander Sack wrote:
>
> Today Mozilla pushed a mini update for firefox. Though the official
> advisory tells us that 1.0.8 is not affected, we should take it IMO -
> actually upstream has no idea as of why 1.0.8 is not affected. Same for
> mozilla. So better safe than sorry.
>
> Attached the combined patch from #334515, which should apply cleanly
> for us.
>
> The advisory can be found here:
> http://www.mozilla.org/security/announce/2006/mfsa2006-30.html
>
The fixed mozilla is available at:
http://people.debian.org/~asac/security.
version is 1.7.8-1sarge6.
Have fun!
- Alexander
--
GPG messages preferred. | .''`. ** Debian GNU/Linux **
Alexander Sack | : :' : The universal
asac at debian.org | `. `' Operating System
http://www.asoftsite.org/ | `- http://www.debian.org/
More information about the pkg-mozilla-maintainers
mailing list