Accepted: firefox 2.0.0.12+2nobinonly+2-0ubuntu1 (source)

Alexander Sack asac at ubuntu.com
Mon Feb 11 10:50:50 GMT 2008 

Accepted:
 OK: firefox_2.0.0.12+2nobinonly+2.orig.tar.gz
 OK: firefox_2.0.0.12+2nobinonly+2-0ubuntu1.diff.gz
 OK: firefox_2.0.0.12+2nobinonly+2-0ubuntu1.dsc
     -> Component: main Section: web

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 11 Feb 2008 00:28:46 +0100
Source: firefox
Binary: firefox-dbg firefox-gnome-support firefox-dom-inspector firefox-dev firefox-libthai firefox
Architecture: source
Version: 2.0.0.12+2nobinonly+2-0ubuntu1
Distribution: hardy
Urgency: low
Maintainer: Alexander Sack <asac at ubuntu.com>
Changed-By: Alexander Sack <asac at ubuntu.com>
Description: 
 firefox    - lightweight web browser based on Mozilla
 firefox-dbg - debugging symbols for firefox
 firefox-dev - Development files for Mozilla Firefox
 firefox-dom-inspector - tool for inspecting the DOM of pages in Mozilla Firefox
 firefox-gnome-support - Support for Gnome in Mozilla Firefox
 firefox-libthai - Support for Thai line breaking in Firefox
Changes: 
 firefox (2.0.0.12+2nobinonly+2-0ubuntu1) hardy; urgency=low
 .
   [ Alexander Sack ]
   * New stability upstream release (v2.0.0.12)
   * MFSA 2008-01 aka CVE-2008-0412: Crashes with evidence of memory corruption
     v1.8.1.12 (Browser crashes)
   * MFSA 2008-01 aka CVE-2008-0413: Crashes with evidence of memory corruption
     v1.8.1.12 (javascript crashes)
   * MFSA 2008-02 aka CVE-2008-0414: Multiple file input focus stealing
     vulnerabilities: 1. Focus shifting bugs and 2. Selective keystroke
     blocking bugs
   * MFSA 2008-03 aka CVE-2008-0415: Privilege escalation, XSS, Remote Code
     Execution (JavaScript privilege escalation bugs)
   * MFSA 2008-04 aka CVE-2008-0416: Multiple XSS vulnerabilities from
     character encoding
   * MFSA 2008-05 aka CVE-2008-0417: Stored password corruption
   * MFSA 2008-06 aka CVE-2008-0418: Directory traversal via chrome: URI
   * MFSA 2008-07 aka CVE-2008-0419: Web browsing history and forward
     navigation
     stealing
   * MFSA 2008-08 aka CVE-2008-0420: Possible information disclosure in BMP
     decoder
   * MFSA 2008-09 aka CVE-2008-0591: File action dialog tampering
   * MFSA 2008-10 aka CVE-2008-0592: Mishandling of locally-saved plain text
     files
   * MFSA 2008-11 aka CVE-2008-0593: URL token stealing via stylesheet redirect
   * MFSA 2008-12 aka CVE-2008-0594: Web forgery overwrite with div overlay
   * updated diverged patches
     - debian/patches/ubuntu-look-and-feel-patch.patch
     - debian/patches/configure-autoconf2-13-reconfigure.patch
     - debian/patches/series
   * remove patches applied upstream
     - debian/patches/bz391028_att284556.patch
Files: 
 acdb24c8c549bb809d2c7b79fd492b22 1821 web optional firefox_2.0.0.12+2nobinonly+2-0ubuntu1.dsc
 718e463b6f6c7ae813de3cbffc21e864 195386 web optional firefox_2.0.0.12+2nobinonly+2-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQIVAwUBR7AVAaBE/gcUDGZkAQLLnQ//R6O4hOAZNgl0Dy7UZPs1Cg6rBN1ekGVR
RiFZnd85SlAiClu8bpx8Dl4MQQyJt8ENOzpg8dsvRhUBPC2EmP4Z08U5ZuG4fhmI
vYEiyWFLlzE4+JUdWjjTzv6QAJNoLVQ7P+HLj02kvxI9sDlqq1YJpqz7rH0tL2WZ
wtosqUEKhAZ/GzPbt2nBUbu+CY3uUaeanaORqyp6D213N7HauiyAFzcuchP4DmOT
5/BOhvW0VDTJ3EQLtHOBu1IejB1iP8h0vdtboK9wRnEwdbmXcD5GA0PjEDbHQSIe
1SWlzdCGSyBbF74imdf7ICQyDr2IqnT+N+CskP2V5f4c8q7nIwKrFMCVc8yXasDA
kmWdT0jKWtGGQL/hs77/y9aiXpgl3v7j+Hzn4KbWCrYcMZRVNMPam6rNQ/LmUpBK
q2nurvUqgidT2+2vD+0j45DjXzTGFptrv0jL9/EQUNrsydU4mGYTExCt7+V9NW8q
NCOPpeNy9TDFr5Fhw2Devg8xdUspPfKwRj06yHevF7njY8eLNPwQmzLfNd8QrN77
dZWsxbtpFv+dcMgnpYpVgCPIn3lzfiKzpZxTI2xffKYN1nxdoG0GZSxNvm0FRJLq
ZYZQCSb1htAwc2UJT64W0vbTA2b2zAVWdheGEUmIH7AtUVcHPh954zGiAc83BvCx
jRHjDWDVeF0=
=32km
-----END PGP SIGNATURE-----

More information about the Hardy-changes mailing list