Paul Gear wrote: > (This turned into a saga - so here's the executive summary: let's let > the security team do their job and find us a secure version. Talk about > removing Firefox and/or definitely ruling out upgrading to a newer > version is unhelpful in solving the problem.) And, of course, i also neglected the fact that the security team had _already_ done their job (at least for MFSA 2005-51 [1]) the day before this thread started and provided a fixed version of Firefox in DSA 779-1. [2] Can anyone comment on the status of MFSA 2005-53 [3] (CAN-2005-2267) [4] and MFSA 2005-56 [5] (CAN-2005-2270) [6]? [1] http://www.mozilla.org/security/announce/mfsa2005-51.html [2] http://www.debian.org/security/2005/dsa-775 [3] http://www.mozilla.org/security/announce/mfsa2005-53.html [4] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2267 [5] http://www.mozilla.org/security/announce/mfsa2005-56.html [6] http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270 -- Paul <http://paulgear.webhop.net> -- Did you know? If you use two dashes followed by a space as your signature separator, good email programs will chop them off automatically, reducing noise in email replies.
Attachment:
signature.asc
Description: OpenPGP digital signature