This bug was fixed in the package unity-firefox-extension - 2.4.1-0ubuntu1.2
--------------- unity-firefox-extension (2.4.1-0ubuntu1.2) quantal-security; urgency=low
* SECURITY UPDATE: same origin policy bypass via toDataURL() (LP: #1069817) - debian/patches/CVE-2012-0958.patch: merge Unity.toDataURL to Unity.init in unity-firefox-extension/content/unity-api.js. - CVE-2012-0958 -- Marc Deslauriers <email address hidden> Wed, 12 Dec 2012 10:54:19 -0500
This bug was fixed in the package unity-firefox- extension - 2.4.1-0ubuntu1.2
--------------- extension (2.4.1-0ubuntu1.2) quantal-security; urgency=low
unity-firefox-
* SECURITY UPDATE: same origin policy bypass via toDataURL() (LP: #1069817) patches/ CVE-2012- 0958.patch: merge Unity.toDataURL to extension/ content/ unity-api. js.
- debian/
Unity.init in unity-firefox-
- CVE-2012-0958
-- Marc Deslauriers <email address hidden> Wed, 12 Dec 2012 10:54:19 -0500