Accepted firefox 2.0.0.2+1-0ubuntu1 (source)

Alexander Sack asac at ubuntu.com
Mon Feb 26 16:37:23 GMT 2007


Accepted:
 OK: firefox_2.0.0.2+1-0ubuntu1.dsc
     -> Component: main Section: web
 OK: firefox_2.0.0.2+1.orig.tar.gz
 OK: firefox_2.0.0.2+1-0ubuntu1.diff.gz

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 24 Feb 2007 23:00:00 +0100
Source: firefox
Binary: libnspr4 firefox-dom-inspector firefox-dev mozilla-firefox mozilla-firefox-dev mozilla-firefox-dom-inspector libnss3 libnspr-dev firefox-gnome-support firefox-dbg libnss-dev mozilla-firefox-gnome-support firefox
Architecture: source
Version: 2.0.0.2+1-0ubuntu1
Distribution: feisty
Urgency: low
Maintainer: Alexander Sack <asac at ubuntu.com>
Changed-By: Alexander Sack <asac at ubuntu.com>
Description: 
 firefox    - lightweight web browser based on Mozilla
 firefox-dbg - debugging symbols for firefox
 firefox-dev - Development files for Mozilla Firefox
 firefox-dom-inspector - tool for inspecting the DOM of pages in Mozilla Firefox
 firefox-gnome-support - Support for Gnome in Mozilla Firefox
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4   - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3    - Network Security Service Libraries - runtime
 mozilla-firefox - Transition package for firefox rename
 mozilla-firefox-dev - dummy transitional package
 mozilla-firefox-dom-inspector - Transition package for firefox rename
 mozilla-firefox-gnome-support - Transition package for firefox rename
Changes: 
 firefox (2.0.0.2+1-0ubuntu1) feisty; urgency=low
 .
   * new upstream release 2.0.0.2
   * MFSA2007-01 - Crashes with evidence of memory corruption
     (rv:1.8.0.10/1.8.1.2):
      - CVE-2007-0775 - layout engine crashes
      - CVE-2007-0776 - SVG
      - CVE-2007-0777 - javascript engine corruption
   * MFSA2007-02 - Improvements to help protect against Cross-Site
     Scripting attacks:
      - CVE-2007-0995 - Invalid trailing characters in HTML tag attributes
      - CVE-2007-0996 - Child frame character set inheritance
      - CVE-2006-6077 - Injected password forms
   * MFSA2007-03 aka CVE-2007-0778: Information disclosure through cache
     collisions
   * MFSA2007-04 aka CVE-2007-0779: Spoofing using custom cursor and CSS3
     hotspot
   * MFSA2007-05 aka CVE-2007-0780, CVE-2007-0800: XSS and local file access
     by opening blocked popups
   * MFSA2007-06 aka CVE-2007-0008, CVE-2007-0009: Mozilla Network Security
     Services (NSS) SSLv2 buffer overflow
   * MFSA2007-07 aka CVE-2007-0981: Embedded nulls in location.hostname
     confuse same-domain checks
 .
 firefox (2.0.0.1+1-0ubuntu2) feisty; urgency=low
 .
   * browser/components/feeds/src/FeedWriter.js: fix
     RSS preview/subscription for flat chrome
     (Closes LP#61182)
   * browser/app/Makefile.in: regression; reenable -Wl,--no-as-needed
     for libxpcom.so (Closes: LP#85112). Note: this patch will be
     removed in feisty+1
   * debian/rules: set BUILD_OFFICIAL and MOZILLA_OFFICIAL environment
     so build gets a proper BUILD_ID (Closes LP#68459).
Files: 
 cf7d1ac5fa8131bd071c7099245fa5f8 1154 web optional firefox_2.0.0.2+1-0ubuntu1.dsc
 3bf9977d318d2430ca38ea6e80df37b4 47187839 web optional firefox_2.0.0.2+1.orig.tar.gz
 e1d09d8491e19f848b300a9239774b15 312453 web optional firefox_2.0.0.2+1-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFF4wrhDecnbV4Fd/IRAjqMAKCO0U2JdiyMGuAvma036FYbnMIYtACfRVyZ
PzRBaJbO76aKRY/qtZAUJs4=
=v14B
-----END PGP SIGNATURE-----





More information about the feisty-changes mailing list