Bug#560108: xulrunner: remote info disclosure via css
Delirium
delirium at hackish.org
Sun Apr 11 05:27:13 UTC 2010
forwarded 560108 https://bugzilla.mozilla.org/show_bug.cgi?id=147777
thanks
This is now fixed in upstream's trunk, but not in any releases yet. It
looks like the fix will probably come out in Gecko 1.9.3 / Firefox 3.7.
More info on the changes:
http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/
https://developer.mozilla.org/en/CSS/Privacy_and_the_:visited_selector
-Mark
More information about the pkg-mozilla-maintainers
mailing list