CVE-2006-1993: deleted object reference when designMode="on"

Eric Dorland eric at
Fri May 5 06:15:30 UTC 2006

* Alexander Sack (asac at wrote:
> Today Mozilla pushed a mini update for firefox. Though the official
> advisory tells us that 1.0.8 is not affected, we should take it IMO -
> actually upstream has no idea as of why 1.0.8 is not affected. Same for 
> mozilla. So better safe than sorry.
> Attached the combined patch from #334515, which should apply cleanly
> for us.
> The advisory can be found here:
> Eric, you have time to prepare firefox update?

Alright, a update with the patch applied is up at It is untested, and I
will not have time to test it before next week, if at all before

Eric Dorland <eric at>
ICQ: #61138586, Jabber: hooty at
1024D/16D970C6 097C 4861 9934 27A0 8E1C  2B0A 61E9 8ECF 16D9 70C6

Version: 3.12
GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ 
O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ 
G e h! r- y+ 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :

More information about the pkg-mozilla-maintainers mailing list