> CVE-2008-1834[0]: > | swfdec_load_object.c in Swfdec before 0.6.4 does not properly restrict > | local file access from untrusted sandboxes, which allows remote > | attackers to read arbitrary files via a crafted Flash file.
Version 0.5 was a development version, we have 0.6.4 on the archives and I'm waiting for it to enter testing, which should happen in a few days. I'm wondering if we can request the removal of swfdec0.5 along with its dependencies (swfdec-mozilla and swfdec-gnome old versions) so that the new ones can enter testing, we've been waiting for arm for more than a month now, and I don't think this will change in the near future, and that is stopping the stable versions from replacing the old development ones :-( Regards... -- Manty/BestiaTester -> http://manty.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
