[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted firefox-sage 1.4.2-0.1+lenny1 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 10 Dec 2009 15:18:10 +0000
Source: firefox-sage
Binary: firefox-sage
Architecture: source all
Version: 1.4.2-0.1+lenny1
Distribution: stable-security
Urgency: high
Maintainer: Alan Woodland <awoodland@debian.org>
Changed-By: Alan Woodland <awoodland@debian.org>
Description: 
 firefox-sage - lightweight RSS and Atom feed reader for Firefox
Closes: 559267
Changes: 
 firefox-sage (1.4.2-0.1+lenny1) stable-security; urgency=high
 .
   * Fix two security bugs:
     - Setting urgency=high, this vulnerability allowed remote
       exploitation, without any user interaction.
     - CVE-2009-4102 Cross Domain Scripting vulnerability.
       Don't trust HTML in titles, descriptions. Don't allow
      'strange' (i.e. javascript:, data:) URLs in Links.
     - CVE-2006-4712 (Regression), some of the old test cases
       no longer passed due to problem with htmlToText.
     - Closes: #559267
   * Targeted review of a number of other potential weak points.
Checksums-Sha1: 
 3bb07f092d2c948265148befed1c2ea6ac16eef0 1039 firefox-sage_1.4.2-0.1+lenny1.dsc
 3eeb56203399a55ae809821ee9e3a6bce5d730d3 169202 firefox-sage_1.4.2.orig.tar.gz
 2e8f531dc562e902482b5ef0923cdc8dc43418f3 15552 firefox-sage_1.4.2-0.1+lenny1.diff.gz
 81801c82383f884c6f4e189de04baaeb9133fdd1 171308 firefox-sage_1.4.2-0.1+lenny1_all.deb
Checksums-Sha256: 
 550824c3556b229fa94ef191555a8e0fd9de4508e0b56882c918f37b083bbb2d 1039 firefox-sage_1.4.2-0.1+lenny1.dsc
 b1fe75c5251c4e9204118a5d5fc3de7f934b792e10006c1464cb21bdc74dbeeb 169202 firefox-sage_1.4.2.orig.tar.gz
 9c4ff2883ab3c29dd0f400643d686096e802460fcff18afde7f31f4a2609f467 15552 firefox-sage_1.4.2-0.1+lenny1.diff.gz
 cc930c0954faa81352bee92b94de225a05f870c1903792e3e3254d0a006a7ab2 171308 firefox-sage_1.4.2-0.1+lenny1_all.deb
Files: 
 f47c953cd90197453e1ce165f13cb701 1039 web optional firefox-sage_1.4.2-0.1+lenny1.dsc
 71f4d7379bc6e39640fc20016493f129 169202 web optional firefox-sage_1.4.2.orig.tar.gz
 c62acce299739cfe09c5ed671f0d310f 15552 web optional firefox-sage_1.4.2-0.1+lenny1.diff.gz
 63a27b648f10e021b18acf9c8d8d24f0 171308 web optional firefox-sage_1.4.2-0.1+lenny1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAksmC8MACgkQ1FNW1LDdr0KvSACgncH8BWbJvUNKQ17ONgstzlDT
8RYAnRiXsSmKFXKBlSTF2hEx8qGcrgNG
=ODyo
-----END PGP SIGNATURE-----


Accepted:
firefox-sage_1.4.2-0.1+lenny1.diff.gz
  to main/f/firefox-sage/firefox-sage_1.4.2-0.1+lenny1.diff.gz
firefox-sage_1.4.2-0.1+lenny1.dsc
  to main/f/firefox-sage/firefox-sage_1.4.2-0.1+lenny1.dsc
firefox-sage_1.4.2-0.1+lenny1_all.deb
  to main/f/firefox-sage/firefox-sage_1.4.2-0.1+lenny1_all.deb


Reply to: