Package: mozilla-firefox Version: 1.0.6-2 Severity: normal CAN-2005-2602 describes what is presented as a security hole, involving very large urls not displaying properly in mozilla's location bar. I cannot reproduce the exact problem reported there, which is that the URL bar appeared empty when a huge url was in it. But I was able to find an interesting bug. After entering the url below via paste, my url bar began to display some of the letters doubled over top of each other, and as I continued to add to the url, this doubling continued until the URL bar displayed as a solid black rectangle the height of the letters.
If I select the url to paste it into this email, I can get the reported "empty" bar, as it inverts the black rectangle. Still it's hard to take that seriously as a security hole.=20 Anyway, the url was http://foo.com/ followed by as many "aaaaa" as I could paste in before I got tired of pasting. The BTS dropped a previous mail that had the exact url. I have not tested thunderbird or mozilla, but the original report also says that thunderbird has the problem and I imagine mozilla does too. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.4.27 Locale: LANG=3Den_US.UTF-8, LC_CTYPE=3Den_US.UTF-8 (charmap=3DUTF-8) -- see shy jo
signature.asc
Description: Digital signature