forwarded 349339 https://bugzilla.mozilla.org/show_bug.cgi?id=324253 thanks
* Alexander Sack ([EMAIL PROTECTED]) wrote: > Package: mozilla-firefox > Severity: important > Tags: security > X-Debbugs-CC: [EMAIL PROTECTED] > > > IMHO important, since it's a bit of a stupid idea to host stylesheets > externally - like livejournal did! > > Background info here: > > https://bugzilla.mozilla.org/show_bug.cgi?id=324253 > > http://www.davidpashley.com/cgi/pyblosxom.cgi/computing/livejournal-mozilla-bug.html > > http://blogs.washingtonpost.com/securityfix/2006/01/account_hijacki.html This is apparently fairly complex, and I'm not sure it will be fixed in a timely fashion. But as pointed out, it was LiveJournal's fault to some degree. -- Eric Dorland <[EMAIL PROTECTED]> ICQ: #61138586, Jabber: [EMAIL PROTECTED] 1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6 -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ G e h! r- y+ ------END GEEK CODE BLOCK------
signature.asc
Description: Digital signature