Accepted firefox-sage 1.4.3-3 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 06 Dec 2009 18:03:44 +0000
Source: firefox-sage
Binary: firefox-sage
Architecture: source all
Version: 1.4.3-3
Distribution: unstable
Urgency: high
Maintainer: Mozilla Extension Packaging Team <pkg-mozext-maintainers@lists.alioth.debian.org>
Changed-By: Alan Woodland <awoodland@debian.org>
Description:
firefox-sage - lightweight RSS and Atom feed reader for Firefox
Closes: 559267
Changes:
firefox-sage (1.4.3-3) unstable; urgency=high
.
* Fix two security bugs:
- Setting urgency=high, this vulnerability allowed remote
exploitation, without any user interaction.
- CVE-2009-4102 Cross Domain Scripting vulnerability.
Don't trust HTML in titles, descriptions. Don't allow
'strange' (i.e. javascript:, data:) URLs in Links.
- CVE-2006-4712 (Regression), some of the old test cases
no longer passed due to problem with htmlToText.
- Closes: #559267
Checksums-Sha1:
d681c1c5ab651f8d7cdc1b5b0ddf221fc9a7b119 1188 firefox-sage_1.4.3-3.dsc
e6f72048c87d6166c763f590d374ba86b39216d8 14511 firefox-sage_1.4.3-3.diff.gz
72fc2e141afc3c3be121b7ff05980523bf93c297 167260 firefox-sage_1.4.3-3_all.deb
Checksums-Sha256:
072b3d97fd15ca92a5fec3c66dc69e21f85d62fd7a960b4b636c399822f03498 1188 firefox-sage_1.4.3-3.dsc
94e9137bd51f6fae85097a1d5e168ae6fbcb7b2a754df3d1b0dc75d6c24fdcf3 14511 firefox-sage_1.4.3-3.diff.gz
5feb6832a06c4823aa50f1c693655f4d3e297bf70c2c66a155144911d6c503a4 167260 firefox-sage_1.4.3-3_all.deb
Files:
c26758676a077050d0a23a69c16c5d0c 1188 web optional firefox-sage_1.4.3-3.dsc
267e9192039f75899a340c7f4383f874 14511 web optional firefox-sage_1.4.3-3.diff.gz
b632ec621495bafdee29d82085c319c9 167260 web optional firefox-sage_1.4.3-3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkshEmAACgkQ1FNW1LDdr0LoHgCfTFRNdWlniJOFEi5wn+vhPmnn
Sf0AnAkIt4Df0HT4Z+6yeJM/GxXzZNYV
=bnL7
-----END PGP SIGNATURE-----
Accepted:
firefox-sage_1.4.3-3.diff.gz
to main/f/firefox-sage/firefox-sage_1.4.3-3.diff.gz
firefox-sage_1.4.3-3.dsc
to main/f/firefox-sage/firefox-sage_1.4.3-3.dsc
firefox-sage_1.4.3-3_all.deb
to main/f/firefox-sage/firefox-sage_1.4.3-3_all.deb
Reply to: