Hi Hideki, On Thu, Sep 02, 2010 at 07:16:17PM +0900, Hideki Yamane wrote: > Hi icedove maintainer, > > Now I'm checking security-tracker and there still two security bug flags > that releated to icedove package exist. > http://security-tracker.debian.org/tracker/CVE-2010-1196 > http://security-tracker.debian.org/tracker/CVE-2010-1199 > > There is no mention in its changelog for > > - MFSA 2010-25 aka CVE-2010-1121 > http://www.mozilla.org/security/announce/2010/mfsa2010-25.html > - MFSA 2010-26 aka CVE-2010-1200, CVE-2010-1201 and CVE-2010-1202 > http://www.mozilla.org/security/announce/2010/mfsa2010-26.html > - MFSA 2010-29 aka CVE-2010-1196 > http://www.mozilla.org/security/announce/2010/mfsa2010-29.html > - MFSA 2010-30 aka CVE-2010-1199 > http://www.mozilla.org/security/announce/2010/mfsa2010-30.html > > however, those issue were already fixed with this 3.0.5 release, right? > If so, please add it to its changelog next upload. sorry, I've missed that. It will be fixed in my next upload. BTW: It's just a little bit stupid, because Mozilla release a new version but announce the fixes security issues mostly one day later. Cheers, Christoph
Attachment:
signature.asc
Description: Digital signature