[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: A few general questions from a Debian newbie

Am 2005-11-14 23:27:29, schrieb Antony Gelberg:
> Michael Marsh wrote:
> 
> > In short, the patched version of Firefox in sarge is *not* 1.0.7, so
> > calling it 1.0.7 would be a mistake.
> > 
> 
> Um, as I've said elsewhere in this thread, it is a newer upstream
> version than 1.0.4.  Not sure exactly what version it is, though.

You mean:

  __( 'stdin' )_________________________________________________________
 /
| Message-Id: <m1EApiJ-000og1C@finlandia.Infodrom.North.DE>
| Date: Thu, 1 Sep 2005 16:06:47 +0200 (CEST)
| To: debian-security-announce@lists.debian.org (Debian Security Announcements)
| From: joey@infodrom.org (Martin Schulze)
| Subject: [SECURITY] [DSA 779-2] New Mozilla Firefox packages fix several vulnerabilities
| 
| --------------------------------------------------------------------------
| Debian Security Advisory DSA 779-2                     security@debian.org
| http://www.debian.org/security/                             Martin Schulze
| September 1st, 2005                     http://www.debian.org/security/faq
| --------------------------------------------------------------------------
| 
| Package        : mozilla-firefox
| Vulnerability  : several
| Problem-Type   : remote
| Debian-specific: no
| CVE ID         : CAN-2005-2260 CAN-2005-2261 CAN-2005-2262 CAN-2005-2263
|                  CAN-2005-2264 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267
|                  CAN-2005-2268 CAN-2005-2269 CAN-2005-2270
| BugTraq ID     : 14242
| Debian Bug     : 318061
| 
| We experienced that the update for Mozilla Firefox from DSA 779-1
| unfortunately was a regression in several cases.  Since the usual
                                                    ^^^^^^^^^^^^^^^
| praxis of backporting apparently does not work, this update is
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| basically version 1.0.6 with the version number rolled back, and hence
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| still named 1.0.4-*.  For completeness below is the original advisory
  ^^^^^^^^^^^^^^^^^^^

<snip>

| Debian GNU/Linux 3.1 alias sarge
| - --------------------------------
| 
|   Source archives:
| 
|     http://security.debian.org/pool/updates/main/m/mozilla-firefox/moz
| illa-firefox_1.0.4-2sarge3.dsc
|       Size/MD5 checksum:     1001 e9e343d5899bc10b64650464839db1dc
|     http://security.debian.org/pool/updates/main/m/mozilla-firefox/moz
| illa-firefox_1.0.4-2sarge3.diff.gz
|       Size/MD5 checksum:   323682 3e07c7d42de155ed01210386bc2f06f7
|     http://security.debian.org/pool/updates/main/m/mozilla-firefox/moz
| illa-firefox_1.0.4.orig.tar.gz
|       Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d
| 
|   Intel IA-32 architecture:
| 
|     http://security.debian.org/pool/updates/main/m/mozilla-firefox/moz
| illa-firefox_1.0.4-2sarge3_i386.deb
|       Size/MD5 checksum:  8889628 c7730b4e3df2f6a0bb12186a52884a9e
|     http://security.debian.org/pool/updates/main/m/mozilla-firefox/moz
| illa-firefox-dom-inspector_1.0.4-2sarge3_i386.deb
|       Size/MD5 checksum:   156844 806fd550f9a5283e4fab73443c73fbcd
|     http://security.debian.org/pool/updates/main/m/mozilla-firefox/moz
| illa-firefox-gnome-support_1.0.4-2sarge3_i386.deb
|       Size/MD5 checksum:    54096 9eb9d71896406a619bd186bfe10ed0f2
| 
 \______________________________________________________________________


Greetings
Michelle

-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Michelle Konzack   Apt. 917                  ICQ #328449886
                   50, rue de Soultz         MSM LinuxMichi
0033/3/88452356    67100 Strasbourg/France   IRC #Debian (irc.icq.com)
Reply to: