Accepted firefox-sage 1.4.3-3 (source all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted firefox-sage 1.4.3-3 (source all)
From: Alan Woodland <awoodland@debian.org>
Date: Thu, 10 Dec 2009 15:50:28 +0000
Message-id: <[🔎] E1NIlHg-0002b1-J6@ries.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 06 Dec 2009 18:03:44 +0000
Source: firefox-sage
Binary: firefox-sage
Architecture: source all
Version: 1.4.3-3
Distribution: unstable
Urgency: high
Maintainer: Mozilla Extension Packaging Team <pkg-mozext-maintainers@lists.alioth.debian.org>
Changed-By: Alan Woodland <awoodland@debian.org>
Description: 
 firefox-sage - lightweight RSS and Atom feed reader for Firefox
Closes: 559267
Changes: 
 firefox-sage (1.4.3-3) unstable; urgency=high
 .
   * Fix two security bugs:
     - Setting urgency=high, this vulnerability allowed remote
       exploitation, without any user interaction.
     - CVE-2009-4102 Cross Domain Scripting vulnerability.
       Don't trust HTML in titles, descriptions. Don't allow
       'strange' (i.e. javascript:, data:) URLs in Links.
     - CVE-2006-4712 (Regression), some of the old test cases
       no longer passed due to problem with htmlToText.
     - Closes: #559267
Checksums-Sha1: 
 d681c1c5ab651f8d7cdc1b5b0ddf221fc9a7b119 1188 firefox-sage_1.4.3-3.dsc
 e6f72048c87d6166c763f590d374ba86b39216d8 14511 firefox-sage_1.4.3-3.diff.gz
 72fc2e141afc3c3be121b7ff05980523bf93c297 167260 firefox-sage_1.4.3-3_all.deb
Checksums-Sha256: 
 072b3d97fd15ca92a5fec3c66dc69e21f85d62fd7a960b4b636c399822f03498 1188 firefox-sage_1.4.3-3.dsc
 94e9137bd51f6fae85097a1d5e168ae6fbcb7b2a754df3d1b0dc75d6c24fdcf3 14511 firefox-sage_1.4.3-3.diff.gz
 5feb6832a06c4823aa50f1c693655f4d3e297bf70c2c66a155144911d6c503a4 167260 firefox-sage_1.4.3-3_all.deb
Files: 
 c26758676a077050d0a23a69c16c5d0c 1188 web optional firefox-sage_1.4.3-3.dsc
 267e9192039f75899a340c7f4383f874 14511 web optional firefox-sage_1.4.3-3.diff.gz
 b632ec621495bafdee29d82085c319c9 167260 web optional firefox-sage_1.4.3-3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkshEmAACgkQ1FNW1LDdr0LoHgCfTFRNdWlniJOFEi5wn+vhPmnn
Sf0AnAkIt4Df0HT4Z+6yeJM/GxXzZNYV
=bnL7
-----END PGP SIGNATURE-----


Accepted:
firefox-sage_1.4.3-3.diff.gz
  to main/f/firefox-sage/firefox-sage_1.4.3-3.diff.gz
firefox-sage_1.4.3-3.dsc
  to main/f/firefox-sage/firefox-sage_1.4.3-3.dsc
firefox-sage_1.4.3-3_all.deb
  to main/f/firefox-sage/firefox-sage_1.4.3-3_all.deb

Reply to:

Prev by Date: Accepted sugar-toolkit-0.86 0.86.2-2 (source amd64)
Next by Date: Accepted jruby 1.4.0-1 (source all)
Previous by thread: Accepted sugar-toolkit-0.86 0.86.2-2 (source amd64)
Next by thread: Accepted jruby 1.4.0-1 (source all)
Index(es):
- Date
- Thread