[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Cite for print-to-postscript exploit in Mozilla?

* Kevin B. McCarty:

> I admit this last question is a bit rhetorical.  My point is that, as
> sysadmin of a physics cluster running Debian/woody on which people
> frequently look at downloaded PS files anyway, I want to know whether it
> is really worth my time to upgrade Mozilla [currently running 1.4 from
> Adrian Bunk's backports], install Xprint from unstable, and go through
> the apparently non-trivial task of getting it to work well.

1.7 incorporates some other security fixes, apparently in the area of
cross-domain scripting vulnerabilities.  So you probably should
upgrade anyway.

Reply to: