Bug#404733: Mozilla-based and related packages status
Mike Hommey
mh at glandium.org
Mon Jan 22 08:09:32 CET 2007
On Sun, Jan 21, 2007 at 10:46:52PM -0800, Steve Langasek <vorlon at debian.org> wrote:
> On Sun, Jan 21, 2007 at 09:19:55AM +0100, Mike Hommey wrote:
> > On Sat, Jan 20, 2007 at 08:06:08PM -0800, Steve Langasek <vorlon at debian.org> wrote:
> > > In that case, should the bug actually be downgraded?
>
> > It's already closed, I don't think we should care about that anymore.
> > It is still an RC bug for etch, but let's consider this RC as a bug
> > about all the security issues that have been fixed in the version
> > currently in sid.
>
> Are there other known security issues in the version in etch? I do need to
> know if it's warranted to spend time on trying to get the new xulrunner
> built on alpha prior to release, or if this attention is better spent
> elsewhere.
See the changelog:
* Fixes mfsa-2006-{68-73} also known as
CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6500,
CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504.
Next upload (this week) will fix random crashes with null characters
in the displayed page.
So... you may want to wait the next upload to get it built on alpha.
Mike
More information about the pkg-mozilla-maintainers
mailing list