[Bug 207171] Re: Please sponsor xulrunner 1.8.1.13+nobinonly-0ubuntu1

Launchpad Bug Tracker 207171 at bugs.launchpad.net
Wed Mar 26 22:45:06 GMT 2008


This bug was fixed in the package xulrunner - 1.8.1.13+nobinonly-
0ubuntu1

---------------
xulrunner (1.8.1.13+nobinonly-0ubuntu1) hardy; urgency=low

  * New security upstream release: 1.8.1.13 (LP: #207171)
  * Security fixes:
    - MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
    - MFSA 2008-18 Java socket connection to any local port via LiveConnect
    - MFSA 2008-17 Privacy issue with SSL Client Authentication
    - MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
    - MFSA 2008-15 Crashes with evidence of memory corruption
    - MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution
  * Merge from debian unstable (1.8.1.12-5). Remaining ubuntu changes:
    - debian/patches/88_force-no-pragma-visibility-for-gcc-4.2_4.3.dpatch
    - xulrunner alternative in /usr/bin
  * Drop patches applied upstream:
    - drop debian/patches/10_SECAlgorithmIDTemplate.dpatch
    - update debian/patches/00list
  * Update diverged patches:
    - update debian/patches/99_configure.dpatch

 -- Fabien Tassin <fta at sofaraway.org>   Wed, 26 Mar 2008 00:07:56 +0000

** Changed in: xulrunner (Ubuntu)
       Status: Confirmed => Fix Released

-- 
Please sponsor xulrunner 1.8.1.13+nobinonly-0ubuntu1
https://bugs.launchpad.net/bugs/207171
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.



More information about the Ubuntu-universe-sponsors mailing list