Package: mozilla-browser Version: 2:1.7.7-2 Severity: grave Tags: security Justification: user security hole
Mozilla 1.7.8 is out. According to http://www.mozilla.org/projects/security/known-vulnerabilities.html it fixes three vulnerabilities: * MFSA 2005-44 Privilege escalation via non-DOM property overrides * MFSA 2005-43 "Wrapped" javascript: urls bypass security checks * MFSA 2005-42 Code execution via javascript: IconURL The first two are marked as critical, the last one as high. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]