Package: iceweasel Version: 2.0.0.3-1 Severity: normal Tags: security, patch
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear iceweasel maintainer, I saw http://security-tracker.debian.net/tracker/CVE-2007-1116 and I've checked this bug with PoC at http://www.gnucitizen.org/projects/hscan-redux/, iceweasel 2.0.0.3-1 is vulnerable. And bugzilla has a patch for that. See https://bugzilla.mozilla.org/show_bug.cgi?id=371375 I've build with that patch and re-test it, this bug is fixed. So please apply this patch to next release. - -- Regards, Hideki Yamane henrich @ debian.or.jp/iijmio-mail.jp -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGAzZlIu0hy8THJksRAkXPAKCvhaFhVdrs0G0UQqdWr28keTaHiQCcDnL0 GdpaRL1fhnxZHdpKQWJn4Ws= =bICT -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

