Re: Re: Troubling security news for sarge users of mozilla, firefox,thunderbird...
On 08/12/2005 03:10 PM, Alexander Sack wrote:
>> firefox (318061) it's resolved, Done, Will be archived: in 20 days.
> I just looked at the bug and it is not closed. It's a visualization
> bug in our BTS IMO. I guess it has something to do with the new
> versioned bug tracking feature recently deployed to our bug database.
I don't know what "visualization bug" means. I see this:
Debian Bug report logs: package mozilla-firefox
Scroll down that page, way down that page, to this:
> Grave functionality bugs - resolved (3 bugs)
> * #318061: mozilla-firefox: version 1.0.5 fixes several security bugs
> Package: mozilla-firefox (1.0.4-3, 1.0.4-2; fixed: 1.0.5-1,
> 1.0.99+deerpark-alpha2-1); Severity: grave; Reported by: Florian
> Weimer <firstname.lastname@example.org>; Tags: etch, sarge, security; Done: Mike
> Hommey <email@example.com>; Will be archived: in 18 days.
So, I believe your thunderbird bug is correctly marked Grave, while this
one for firefox "Will be archived." A close reading does show the
vulnerability in 1.0.4*, but it's too easy to miss, and in 18 days it's
gone for anyone looking to see problems in sarge on firefox.
There has yet to be a DSA on this for sarge.