Accepted firefox-sage 1.4.3-3 (source all)

Thu, 10 Dec 2009 07:50:49 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 06 Dec 2009 18:03:44 +0000
Source: firefox-sage
Binary: firefox-sage
Architecture: source all
Version: 1.4.3-3
Distribution: unstable
Urgency: high
Maintainer: Mozilla Extension Packaging Team 
<pkg-mozext-maintain...@lists.alioth.debian.org>
Changed-By: Alan Woodland <awoodl...@debian.org>
Description: 
 firefox-sage - lightweight RSS and Atom feed reader for Firefox
Closes: 559267
Changes: 
 firefox-sage (1.4.3-3) unstable; urgency=high
 .
   * Fix two security bugs:
     - Setting urgency=high, this vulnerability allowed remote
       exploitation, without any user interaction.
     - CVE-2009-4102 Cross Domain Scripting vulnerability.
       Don't trust HTML in titles, descriptions. Don't allow
       'strange' (i.e. javascript:, data:) URLs in Links.
     - CVE-2006-4712 (Regression), some of the old test cases
       no longer passed due to problem with htmlToText.
     - Closes: #559267
Checksums-Sha1: 
 d681c1c5ab651f8d7cdc1b5b0ddf221fc9a7b119 1188 firefox-sage_1.4.3-3.dsc
 e6f72048c87d6166c763f590d374ba86b39216d8 14511 firefox-sage_1.4.3-3.diff.gz
 72fc2e141afc3c3be121b7ff05980523bf93c297 167260 firefox-sage_1.4.3-3_all.deb
Checksums-Sha256: 
 072b3d97fd15ca92a5fec3c66dc69e21f85d62fd7a960b4b636c399822f03498 1188 
firefox-sage_1.4.3-3.dsc
 94e9137bd51f6fae85097a1d5e168ae6fbcb7b2a754df3d1b0dc75d6c24fdcf3 14511 
firefox-sage_1.4.3-3.diff.gz
 5feb6832a06c4823aa50f1c693655f4d3e297bf70c2c66a155144911d6c503a4 167260 
firefox-sage_1.4.3-3_all.deb
Files: 
 c26758676a077050d0a23a69c16c5d0c 1188 web optional firefox-sage_1.4.3-3.dsc
 267e9192039f75899a340c7f4383f874 14511 web optional 
firefox-sage_1.4.3-3.diff.gz
 b632ec621495bafdee29d82085c319c9 167260 web optional 
firefox-sage_1.4.3-3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkshEmAACgkQ1FNW1LDdr0LoHgCfTFRNdWlniJOFEi5wn+vhPmnn
Sf0AnAkIt4Df0HT4Z+6yeJM/GxXzZNYV
=bnL7
-----END PGP SIGNATURE-----


Accepted:
firefox-sage_1.4.3-3.diff.gz
  to main/f/firefox-sage/firefox-sage_1.4.3-3.diff.gz
firefox-sage_1.4.3-3.dsc
  to main/f/firefox-sage/firefox-sage_1.4.3-3.dsc
firefox-sage_1.4.3-3_all.deb
  to main/f/firefox-sage/firefox-sage_1.4.3-3_all.deb


-- 
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to