[Technik] [SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution
Noèl Köthe
noel at debian.org
Mon Apr 28 21:13:40 CEST 2008
Am Donnerstag, den 24.04.2008, 23:21 +0200 schrieb Moritz Muehlenhoff:
> Debian Security Advisory DSA-1558-1 security at debian.org
> http://www.debian.org/security/ Moritz Muehlenhoff
> April 24, 2008 http://www.debian.org/security/faq
>
> Package : xulrunner
> Vulnerability : programming error
> Problem type : remote
> Debian-specific: no
> CVE Id(s) : CVE-2008-1380
xulrunner auf h01, h02, h03, h04, h51 und h52 aktualisiert.
> For the stable distribution (etch), this problem has been fixed in
> version 1.8.0.15~pre080323b-0etch2.
changelog:
xulrunner (1.8.0.15~pre080323b-0etch2) stable-security; urgency=low
* debian/patches/90_bz421622.dpatch: Fix a regression introduced by fix for
CVE-2008-1234.
* debian/patches/90_bz425576.dpatch: Fix for MFSA 2008-20 aka CVE-2008-1380.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium at debian.org> Fri, 18 Apr 2008 19:48:27 +0200
--
Noèl Köthe <noel debian.org>
Debian GNU/Linux, www.debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : /archiv/technik/attachments/20080428/84bcde6b/attachment.pgp
More information about the Technik
mailing list