On Wed, Apr 14, 2010 at 12:27:49AM +0200, Mike Hommey wrote: > Hi, > > I went through the CVE list on the security tracker, and noted 2 CVEs > marked as vulnerable in testing/unstable while it is not the case: > - CVE-2009-4630 was fixed during the gecko 1.9.1 development cycle, and > as such was already fixed in all 2.x versions of iceape and 1.9.1.x > and 1.9.2.x versions of xulrunner. > - CVE-2010-0182 was fixed in xulrunner 1.9.1.9-1, but I had to leave it > out of the changelog because at the time I wrote it, the equivalent > MFSA information was broken on mozilla.org, and I couldn't know what > CVE it was about.
The latter was also fixed in xulrunner 1.9.2.2, so, as 1.9.2.3 was the first version in experimental, it's also fixed in the version in experimental. Mike -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100413222959.ga4...@glandium.org