[Secure-testing-team] kompozer tracking
Michael S Gilbert
michael.s.gilbert at gmail.com
Wed Sep 2 03:16:12 UTC 2009
Guiseppe,
in the process of doing the embedded code copies triage, i've come
across a lot of cases where tracking for kompozer is not done. i
understand that this package is relatively new, but since it is derived
from existing code, it should be checked retroactively for
vulnerabilities. it looks like the code is copied from
firefox/thunderbird 2.0.0.20 (according to
'./mozilla/browser/config/version.txt' and other version files, but
that could be wrong).
i see that you are the maintainer; can you go through all of the cves
affecting iceape and either tag kompozer not-affected or fixed? this
would help me out a lot since you are already familiar with the
package, and i have a lot of other issues to look at. thanks.
mike
More information about the Secure-testing-team
mailing list