Bug#435385: iceape browser leaks TCP sockets to children
Jasen Betts
jasen at free.net.nz
Tue Jul 31 11:43:23 UTC 2007
Package: iceape
Version: 1.0.9-0etch1
Severity: minor
dunno if this is a security risk but after downloading a PDF and
selecting open with /usr/bin/xpdf iceape passes TCP sockets to the
instance of xpdf it spawns to open the downloaded file.
lsof(8) output:
xpdf.bin 5982 jasen 44u IPv4 1246027 TCP address.witheld:35915->www.eecs.umich.edu:www (CLOSE_WAIT)
xpdf.bin 5982 jasen 45u IPv4 1246028 TCP address.witheld:35916->www.eecs.umich.edu:www (CLOSE_WAIT)
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable'), (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=en_NZ, LC_CTYPE=en_NZ (charmap=ISO-8859-1)
Versions of packages iceape depends on:
ii iceape-browser 1.0.9-0etch1 Iceape Navigator (Internet browser
ii iceape-mailnews 1.0.9-0etch1 Iceape Mail & Newsgroups and Addre
Versions of packages iceape recommends:
ii iceape-chatzilla 1.0.9-0etch1 Iceape Chatzilla IRC client
-- debconf-show failed
More information about the pkg-mozilla-maintainers
mailing list