Hi, can someone please unblock xulrunner? 220.127.116.11-1 fixes CVE-2008-2785 which is a fairly important security issue that allows arbitrary code execution by overflowing a CSS reference counter. Every iceweasel user who has not switched off java script could be affected by this. More about the vulnerability itself in the upstream advisory. In Debian this does technically affect xulrunner and not iceweasel as discussed with the maintainer so it would be nice if someone could unblock xulrunner 18.104.22.168-1 to enter lenny.  http://security-tracker.debian.net/tracker/CVE-2008-2785  http://www.mozilla.org/security/announce/2008/mfsa2008-34.html  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491161#17 Cheers Nico -- Nico Golde - http://www.ngolde.de - firstname.lastname@example.org - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Description: PGP signature