[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2010-1206

On moandei 19 July 2010, Mike Hommey wrote:
> As I started to work on next round of mozilla security updates, I found
> out that CVE-2010-1206 doesn't apply to 3.0.x and earlier, because the
> faulty code was introduced in 3.1b1 by
> https://bugzilla.mozilla.org/show_bug.cgi?id=254714
> Also, the vulnerable package is not xulrunner, in this case, but
> iceweasel. Versions in etch and lenny are not affected.

Thanks, noted.


Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: