Your message dated Thu, 14 Jul 2016 09:57:12 +0200
with message-id <[email protected]>
and subject line kazehakase was removed from Debian in 2012
has caused the Debian Bug report #560871,
regarding kazehakase: remote info disclosure via css
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
560871: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560871
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
package: kazehakase
version: 0.5.8-2
severity: serious
tags: security
hi,
it has been disclosed that it is possible for any website to query the
user's site viewing history via css. please see [0]. i have not
personally checked whether this package is vulnerable, but it seems to
be a general css design issue, so all css-supporting browsers are
likely affected. please check, and feel free to close the bug if the
package is not affected. thanks.
mike
--- End Message ---
--- Begin Message ---
Version: 0.5.8-4+rm
kazehakase was last released with Debian 6.0 (squeeze) in
February 2011 and removed from Debian sid/unstable in 2012 (see
http://bugs.debian.org/656771 for details on the removal). Since
support for squeeze and squeeze-LTS has now ended, I'm closing all the
remaining bugs reported against this package.
Andreas
--- End Message ---
