[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#404733: Mozilla-based and related packages status

On Sun, Jan 21, 2007 at 10:46:52PM -0800, Steve Langasek <vorlon@debian.org> wrote:
> On Sun, Jan 21, 2007 at 09:19:55AM +0100, Mike Hommey wrote:
> > On Sat, Jan 20, 2007 at 08:06:08PM -0800, Steve Langasek <vorlon@debian.org> wrote:
> > > In that case, should the bug actually be downgraded?
> 
> > It's already closed, I don't think we should care about that anymore.
> > It is still an RC bug for etch, but let's consider this RC as a bug
> > about all the security issues that have been fixed in the version
> > currently in sid.
> 
> Are there other known security issues in the version in etch?  I do need to
> know if it's warranted to spend time on trying to get the new xulrunner
> built on alpha prior to release, or if this attention is better spent
> elsewhere.

See the changelog:
  * Fixes mfsa-2006-{68-73} also known as
    CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6500,
    CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504.

Next upload (this week) will fix random crashes with null characters
in the displayed page.

So... you may want to wait the next upload to get it built on alpha.

Mike
Reply to: