Accepted: firefox 2.0.0.12+2nobinonly+2-0ubuntu1 (source)
Alexander Sack
asac at ubuntu.com
Mon Feb 11 10:50:50 GMT 2008
Accepted:
OK: firefox_2.0.0.12+2nobinonly+2.orig.tar.gz
OK: firefox_2.0.0.12+2nobinonly+2-0ubuntu1.diff.gz
OK: firefox_2.0.0.12+2nobinonly+2-0ubuntu1.dsc
-> Component: main Section: web
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 11 Feb 2008 00:28:46 +0100
Source: firefox
Binary: firefox-dbg firefox-gnome-support firefox-dom-inspector firefox-dev firefox-libthai firefox
Architecture: source
Version: 2.0.0.12+2nobinonly+2-0ubuntu1
Distribution: hardy
Urgency: low
Maintainer: Alexander Sack <asac at ubuntu.com>
Changed-By: Alexander Sack <asac at ubuntu.com>
Description:
firefox - lightweight web browser based on Mozilla
firefox-dbg - debugging symbols for firefox
firefox-dev - Development files for Mozilla Firefox
firefox-dom-inspector - tool for inspecting the DOM of pages in Mozilla Firefox
firefox-gnome-support - Support for Gnome in Mozilla Firefox
firefox-libthai - Support for Thai line breaking in Firefox
Changes:
firefox (2.0.0.12+2nobinonly+2-0ubuntu1) hardy; urgency=low
.
[ Alexander Sack ]
* New stability upstream release (v2.0.0.12)
* MFSA 2008-01 aka CVE-2008-0412: Crashes with evidence of memory corruption
v1.8.1.12 (Browser crashes)
* MFSA 2008-01 aka CVE-2008-0413: Crashes with evidence of memory corruption
v1.8.1.12 (javascript crashes)
* MFSA 2008-02 aka CVE-2008-0414: Multiple file input focus stealing
vulnerabilities: 1. Focus shifting bugs and 2. Selective keystroke
blocking bugs
* MFSA 2008-03 aka CVE-2008-0415: Privilege escalation, XSS, Remote Code
Execution (JavaScript privilege escalation bugs)
* MFSA 2008-04 aka CVE-2008-0416: Multiple XSS vulnerabilities from
character encoding
* MFSA 2008-05 aka CVE-2008-0417: Stored password corruption
* MFSA 2008-06 aka CVE-2008-0418: Directory traversal via chrome: URI
* MFSA 2008-07 aka CVE-2008-0419: Web browsing history and forward
navigation
stealing
* MFSA 2008-08 aka CVE-2008-0420: Possible information disclosure in BMP
decoder
* MFSA 2008-09 aka CVE-2008-0591: File action dialog tampering
* MFSA 2008-10 aka CVE-2008-0592: Mishandling of locally-saved plain text
files
* MFSA 2008-11 aka CVE-2008-0593: URL token stealing via stylesheet redirect
* MFSA 2008-12 aka CVE-2008-0594: Web forgery overwrite with div overlay
* updated diverged patches
- debian/patches/ubuntu-look-and-feel-patch.patch
- debian/patches/configure-autoconf2-13-reconfigure.patch
- debian/patches/series
* remove patches applied upstream
- debian/patches/bz391028_att284556.patch
Files:
acdb24c8c549bb809d2c7b79fd492b22 1821 web optional firefox_2.0.0.12+2nobinonly+2-0ubuntu1.dsc
718e463b6f6c7ae813de3cbffc21e864 195386 web optional firefox_2.0.0.12+2nobinonly+2-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQIVAwUBR7AVAaBE/gcUDGZkAQLLnQ//R6O4hOAZNgl0Dy7UZPs1Cg6rBN1ekGVR
RiFZnd85SlAiClu8bpx8Dl4MQQyJt8ENOzpg8dsvRhUBPC2EmP4Z08U5ZuG4fhmI
vYEiyWFLlzE4+JUdWjjTzv6QAJNoLVQ7P+HLj02kvxI9sDlqq1YJpqz7rH0tL2WZ
wtosqUEKhAZ/GzPbt2nBUbu+CY3uUaeanaORqyp6D213N7HauiyAFzcuchP4DmOT
5/BOhvW0VDTJ3EQLtHOBu1IejB1iP8h0vdtboK9wRnEwdbmXcD5GA0PjEDbHQSIe
1SWlzdCGSyBbF74imdf7ICQyDr2IqnT+N+CskP2V5f4c8q7nIwKrFMCVc8yXasDA
kmWdT0jKWtGGQL/hs77/y9aiXpgl3v7j+Hzn4KbWCrYcMZRVNMPam6rNQ/LmUpBK
q2nurvUqgidT2+2vD+0j45DjXzTGFptrv0jL9/EQUNrsydU4mGYTExCt7+V9NW8q
NCOPpeNy9TDFr5Fhw2Devg8xdUspPfKwRj06yHevF7njY8eLNPwQmzLfNd8QrN77
dZWsxbtpFv+dcMgnpYpVgCPIn3lzfiKzpZxTI2xffKYN1nxdoG0GZSxNvm0FRJLq
ZYZQCSb1htAwc2UJT64W0vbTA2b2zAVWdheGEUmIH7AtUVcHPh954zGiAc83BvCx
jRHjDWDVeF0=
=32km
-----END PGP SIGNATURE-----
More information about the Hardy-changes
mailing list