Please sponsor xulrunner 1.8.1.13+nobinonly-0ubuntu1
xulrunner (1.8.1.13+nobinonly-0ubuntu1) hardy; urgency=low
* New security upstream release: 1.8.1.13 (LP: #207171)
* Security fixes:
- MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
- MFSA 2008-18 Java socket connection to any local port via LiveConnect
- MFSA 2008-17 Privacy issue with SSL Client Authentication
- MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
- MFSA 2008-15 Crashes with evidence of memory corruption
- MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution
* Merge from debian unstable (1.8.1.12-5). Remaining ubuntu changes:
- debian/patches/88_force-no-pragma-visibility-for-gcc-4.2_4.3.dpatch
- xulrunner alternative in /usr/bin
* Drop patches applied upstream:
- drop debian/patches/10_SECAlgorithmIDTemplate.dpatch
- update debian/patches/00list
* Update diverged patches:
- update debian/patches/99_configure.dpatch
-- Fabien Tassin <email address hidden> Wed, 26 Mar 2008 00:07:56 +0000
This bug was fixed in the package xulrunner - 1.8.1.13+
---------------
xulrunner (1.8.1.
* New security upstream release: 1.8.1.13 (LP: #207171)
* Security fixes:
- MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
- MFSA 2008-18 Java socket connection to any local port via LiveConnect
- MFSA 2008-17 Privacy issue with SSL Client Authentication
- MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
- MFSA 2008-15 Crashes with evidence of memory corruption
- MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution
* Merge from debian unstable (1.8.1.12-5). Remaining ubuntu changes:
- debian/
- xulrunner alternative in /usr/bin
* Drop patches applied upstream:
- drop debian/
- update debian/
* Update diverged patches:
- update debian/
-- Fabien Tassin <email address hidden> Wed, 26 Mar 2008 00:07:56 +0000