Hi, can someone please unblock xulrunner? 1.9.0.1-1 fixes CVE-2008-2785[0] which is a fairly important security issue that allows arbitrary code execution by overflowing a CSS reference counter.
Every iceweasel user who has not switched off java script could be affected by this. More about the vulnerability itself in the upstream advisory[1]. In Debian this does technically affect xulrunner and not iceweasel as discussed[2] with the maintainer so it would be nice if someone could unblock xulrunner 1.9.0.1-1 to enter lenny. [0] http://security-tracker.debian.net/tracker/CVE-2008-2785 [1] http://www.mozilla.org/security/announce/2008/mfsa2008-34.html [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491161#17 Cheers Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpimfXd88Nv8.pgp
Description: PGP signature
