Bug#687423: iceweasel: X paste buffer outside text box pastes to location bar

Mark Hedges hedges-temp0001 at formdata.biz
Wed Sep 12 15:22:27 UTC 2012


Package: iceweasel
Version: 3.5.16-17
Severity: normal


I use ccencrypt to keep passwords in text files and ccat to display
them on a terminal, then select them with the mouse to use X paste
middle-click to put them into the browser, when the page interferes
with the normal Firefox password manager.  For example, usps.com.
However, if I don't middle-click exactly in the password input box,
it pastes the password to the location bar and tries to go there
because I copied the whole line with the newline.  That results
in my password being sent out in a DNS query.

Mark

-- Package-specific info:

-- Extensions information
Name: Default
Location: /usr/lib/iceweasel/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}
Package: iceweasel
Status: enabled

Name: FireGPG
Location: /usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/firegpg at firegpg.team
Package: xul-ext-firegpg
Status: enabled

Name: Firebug
Location: /usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/firebug at software.joehewitt.com
Package: xul-ext-firebug
Status: user-disabled

Name: Flashblock
Location: /usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/{3d7eb24f-2740-49df-8937-200b1cc08f8a}
Package: xul-ext-flashblock
Status: enabled

Name: MediaWrap
Location: ${PROFILE_EXTENSIONS}/{dd68c513-9296-4b63-8d8b-8f1c991c8a48}
Status: user-disabled

Name: NoScript
Location: /usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/{73a6fe31-595d-460b-a920-fcc0f8843232}
Package: xul-ext-noscript
Status: enabled

Name: User Agent Switcher
Location: ${PROFILE_EXTENSIONS}/{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
Status: enabled

Name: Web Developer
Location: /usr/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/{c45c406e-ab73-11d8-be73-000a95be3b12}
Package: xul-ext-webdeveloper
Status: user-disabled

-- Plugins information
Name: DivX® Web Player
Location: /usr/lib/mozilla/plugins/libtotem-mully-plugin.so
Package: totem-mozilla
Status: enabled

Name: IcedTea NPR Web Browser Plugin (using IcedTea6 1.8.13 (6b18-1.8.13-0+squeeze2))
Location: /usr/lib/jvm/java-6-openjdk/jre/lib/i386/IcedTeaPlugin.so
Package: icedtea6-plugin
Status: disabled

Name: Java(TM) Plug-in 1.6.0_26
Location: /usr/lib/jvm/java-6-sun-1.6.0.26/jre/lib/i386/libnpjp2.so
Package: sun-java6-bin
Status: disabled

Name: MozPlugger 1.14.1 handles QuickTime and Windows Media Player Plugin (1.14.1)
Location: /usr/lib/mozilla/plugins/mozplugger.so
Package: mozplugger
Status: enabled

Name: QuickTime Plug-in 7.6.6
Location: /usr/lib/mozilla/plugins/libtotem-narrowspace-plugin.so
Package: totem-mozilla
Status: enabled

Name: Shockwave Flash
Location: /usr/lib/flashplayer-mozilla/libflashplayer.so
Package: flashplayer-mozilla
Status: enabled

Name: Silverlight Plug-In
Location: /usr/lib/moon/plugin/libmoonloader.so
Package: moonlight-plugin-core
Status: enabled

Name: VLC Multimedia Plug-in
Location: /usr/lib/mozilla/plugins/libvlcplugin.so
Package: mozilla-plugin-vlc
Status: enabled

Name: VLC Multimedia Plugin (compatible Totem 2.30.2)
Location: /usr/lib/mozilla/plugins/libtotem-cone-plugin.so
Package: totem-mozilla
Status: enabled

Name: Windows Media Player Plug-in 10 (compatible; Totem)
Location: /usr/lib/mozilla/plugins/libtotem-gmp-plugin.so
Package: totem-mozilla
Status: enabled

Name: gxine starter plugin
Location: /usr/lib/gxine/gxineplugin.so
Package: gxineplugin
Status: enabled


-- Addons package information
ii  flashplayer-mo 2:10.3.183.7-0 Macromedia Flash Player.
ii  gxineplugin    0.5.905-5      the xine video player, GTK+/Gnome; launcher 
ii  icedtea6-plugi 6b18-1.8.13-0+ web browser plugin based on OpenJDK and Iced
ii  iceweasel      3.5.16-17      Web browser based on Firefox
ii  moonlight-plug 1.0.1-3+b1     Free Software clone of Silverlight 1.0 - plu
ii  mozilla-plugin 1.1.3-1squeeze multimedia plugin for web browsers based on 
ii  mozplugger     1.14.1-1       Plugin allowing external viewers to be launc
ii  sun-java6-bin  6.26-0squeeze1 Sun Java(TM) Runtime Environment (JRE) 6 (ar
ii  totem-mozilla  2.30.2-6       Totem Mozilla plugin
ii  xul-ext-firebu 1.5.4-1        web development plugin for Iceweasel/Firefox
ii  xul-ext-firegp 0.8-1          Iceweasel/Firefox extension to use GnuPG on 
ii  xul-ext-flashb 1.5.13-1       mozilla extension to block Adobe Flash conte
ii  xul-ext-noscri 1.9.9.69-1     Javascript/plugins permissions manager for I
ii  xul-ext-webdev 1.1.8-4        web developer extension for the Iceweasel/Fi

-- System Information:
Debian Release: 6.0.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages iceweasel depends on:
ii  debianutils            3.4               Miscellaneous utilities specific t
ii  fontconfig             2.8.0-2.1         generic font configuration library
ii  libc6                  2.11.3-3          Embedded GNU C Library: Shared lib
ii  libgcc1                1:4.4.5-8         GCC support library
ii  libglib2.0-0           2.24.2-1          The GLib library of C routines
ii  libgtk2.0-0            2.20.1-2          The GTK+ graphical user interface 
ii  libnspr4-0d            4.8.6-1           NetScape Portable Runtime Library
ii  libstdc++6             4.4.5-8           The GNU Standard C++ Library v3
ii  procps                 1:3.2.8-9squeeze1 /proc file system utilities
ii  xulrunner-1.9.1        1.9.1.16-17       XUL + XPCOM application runner

iceweasel recommends no packages.

Versions of packages iceweasel suggests:
ii  libgssapi-krb5-2    1.8.3+dfsg-4squeeze6 MIT Kerberos runtime libraries - k
ii  mozplugger          1.14.1-1             Plugin allowing external viewers t
ii  ttf-lyx             1.6.7-1              TrueType versions of some TeX font
pn  ttf-mathematica4.1  <none>               (no description available)
ii  xfonts-mathml       4                    Type1 Symbol font for MathML
pn  xprint              <none>               (no description available)

Versions of packages xulrunner-1.9.1 depends on:
ii  libasound2            1.0.23-2.1         shared library for ALSA applicatio
ii  libatk1.0-0           1.30.0-1           The ATK accessibility toolkit
ii  libbz2-1.0            1.0.5-6+squeeze1   high-quality block-sorting file co
ii  libc6                 2.11.3-3           Embedded GNU C Library: Shared lib
ii  libcairo2             1.8.10-6           The Cairo 2D vector graphics libra
ii  libdbus-1-3           1.2.24-4+squeeze1  simple interprocess messaging syst
ii  libfontconfig1        2.8.0-2.1          generic font configuration library
ii  libfreetype6          2.4.2-2.1+squeeze4 FreeType 2 font engine, shared lib
ii  libgcc1               1:4.4.5-8          GCC support library
ii  libglib2.0-0          2.24.2-1           The GLib library of C routines
ii  libgtk2.0-0           2.20.1-2           The GTK+ graphical user interface 
ii  libhunspell-1.2-0     1.2.11-1           spell checker and morphological an
ii  libjpeg62             6b1-1              The Independent JPEG Group's JPEG 
ii  libmozjs2d            1.9.1.16-17        The Mozilla SpiderMonkey JavaScrip
ii  libnspr4-0d           4.8.6-1            NetScape Portable Runtime Library
ii  libnss3-1d            3.12.8-1+squeeze5  Network Security Service libraries
ii  libpango1.0-0         1.28.3-1+squeeze2  Layout and rendering of internatio
ii  libpng12-0            1.2.44-1+squeeze4  PNG library - runtime
ii  libreadline6          6.1-3              GNU readline and history libraries
ii  libsqlite3-0          3.7.3-1            SQLite 3 shared library
ii  libstartup-notificati 0.10-1             library for program launch feedbac
ii  libstdc++6            4.4.5-8            The GNU Standard C++ Library v3
ii  libx11-6              2:1.3.3-4          X11 client-side library
ii  libxrender1           1:0.9.6-1          X Rendering Extension client libra
ii  libxt6                1:1.0.7-1          X11 toolkit intrinsics library
ii  zlib1g                1:1.2.3.4.dfsg-3   compression library - runtime

-- no debconf information



More information about the pkg-mozilla-maintainers mailing list