Package: mozilla-browser Version: 2:1.7.8-1 Severity: serious Tags: security
I've successfully crashed this version of mozilla using the proof of concept exploits linked to from http://marc.theaimsgroup.com/?l=bugtraq&m=112008299210033&w=2 mozilla-firefox 1.0.5-1 doesn't crash. This is CAN-2005-2114 -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.4.27 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages mozilla-browser depends on: ii debconf 1.4.52 Debian configuration management sy ii libatk1.0-0 1.10.1-2 The ATK accessibility toolkit ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libfontconfig1 2.3.2-1 generic font configuration library ii libfreetype6 2.1.10-1 FreeType 2 font engine, shared lib ii libgcc1 1:4.0.1-2 GCC support library ii libglib2.0-0 2.6.5-1 The GLib library of C routines ii libgtk2.0-0 2.6.8-1 The GTK+ graphical user interface ii libnspr4 2:1.7.8-1 Netscape Portable Runtime Library ii libpango1.0-0 1.8.1-1 Layout and rendering of internatio ii libstdc++5 1:3.3.6-7 The GNU Standard C++ Library v3 ii libx11-6 6.8.2.dfsg.1-2 X Window System protocol client li ii libxext6 6.8.2.dfsg.1-2 X Window System miscellaneous exte ii libxft2 2.1.7-1 FreeType-based font drawing librar ii libxp6 6.8.2.dfsg.1-2 X Window System printing extension ii libxrender1 1:0.9.0-2 X Rendering Extension client libra ii libxt6 6.8.2.dfsg.1-2 X Toolkit Intrinsics ii psmisc 21.6-1 Utilities that use the proc filesy ii xlibs 6.8.2.dfsg.1-2 X Window System client libraries m ii zlib1g 1:1.2.2-9 compression library - runtime Versions of packages mozilla-browser recommends: ii mozilla-psm 2:1.7.8-1 The Mozilla Internet application s pn myspell-en-us | myspell-dicti <none> (no description available) -- debconf information excluded -- see shy jo
signature.asc
Description: Digital signature