Bug#606651: unblock: iceweasel/3.5.16-1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#606651: unblock: iceweasel/3.5.16-1
From: Mike Hommey <mh+reportbug@glandium.org>
Date: Fri, 10 Dec 2010 16:16:47 +0100
Message-id: <[🔎] 20101210151647.7906.9599.reportbug@jigen.glandium.org>
Reply-to: Mike Hommey <mh+reportbug@glandium.org>, 606651@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package iceweasel

The new version fixes various security issues. The diff between
the previous upstream version and this one is quite big and probably
hard to review, especially as it adds a third party library (ots, a
sanitizer for opentype fonts, which is part of CVE-2010-3768). I
think we can trust upstream with these changes (and any big regression
will be fixed in a subsequent release, anyways), but this release
doesn't stop at security updates, so here is a list of the upstream
commits that are also part of this release (I'm purposely skipping
commits touching version strings and tags, and stuff that's not part
of the build, such as tools and tests):
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/a78a9ff14f26
  (note that this one was applied as a patch in previous debian releases)
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/c309d22b23d6
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/0fe7a05219fd
  (this one is a fix for a regression from CVE-2010-2769, I also applied
   it to the stable-security update)
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/16357bcadb6f
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/330f0bd7693c
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/0d5d5e39844b
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/f807c68b55c4
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/177a7eab1180
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/5b998a2bfcc3
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/19e3f097936a
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/f43d4cdbe257
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/8d9e038d30bf
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/8f70e404d1ee
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/7da8e189105d
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/612ad84a4004

unblock iceweasel/3.5.16-1

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Reply to:

Follow-Ups:
- Bug#606651: marked as done (unblock: iceweasel/3.5.16-1)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Re: amanda 1:2.6.1p2-3
Next by Date: Re: RC Bugfix #605868: please unblock sbox-dtc
Previous by thread: Bug#606611: marked as done (Unblock xymon/4.3.0~beta2.dfsg-6+squeeze1 (translation update))
Next by thread: Bug#606651: marked as done (unblock: iceweasel/3.5.16-1)
Index(es):
- Date
- Thread