2007-06-05 10:52:30 |
Alexander Sack |
firefox: statusexplanation |
interesting. Will take a look. |
firefox (2.0.0.4+2-0ubuntu1) gutsy; urgency=low
* new upstream security/stability update (Closes: LP#117990)
* MFSA2007-17 aka CVE-2007-2871: XUL Popup Spoofing
* MFSA2007-16 aka CVE-2007-2870: XSS using addEventListener
* MFSA2007-14 aka CVE-2007-1362: Path Abuse in Cookies
* MFSA2007-13 aka CVE-2007-2869: Persistent Autocomplete Denial of Service
* MFSA2007-12 aka CVE-2007-2867 (layout engine) + CVE-2007-2868
(javascript engine): Crashes with evidence of memory corruption
* drop upstream applied patches:
bz312998-GetVisibility-patch.patch,
bz358930-gradient-spread-method-pad-fix.patch,
bz366844-mozilla-configure-in-patch-to-workaround-gcc-visibility-bug.patch
* adapted patches to upstream codebase changes:
bz273524-gnome-mime-registry-ubuntu.patch
* debian/firefox.1, debian/firefox.manpages: install firefox.1 (Closes: LP#115112)
* install gnome-www-browser alternative in postinst and remove
that alternative in prerm - copied over from feisty
* debian/firefox.preinst: uninstall x-www-browser and mozilla alternative
* debian/firefox-dev.install: install nsBuildID.h to /usr/include/firefox/
(Closes: LP#115630)
-- Alexander Sack <asac@ubuntu.com> Tue, 15 May 2007 12:10:00 +0200 |
|