Jan Lühr wrote: > Am Mittwoch, 10. März 2004 17:06 schrieben Sie: > > Jan Lühr wrote: > > > So is mozilla the forgotten package? Considering how popular mozilla is, > > > making it secure would be worth the effort - imho. > > > > How many of Mozilla's security bugs which are fix during routine > > upgrades are discussed publicly? Can they be backported easily? > > I'm not in touch with the mozilla code. Thus I cannot say how easy it is to > backport 'em.
Some of the known bugs are described at the following page: <http://www.mozilla.org/projects/security/known-vulnerabilities.html> Mandrake has recently released an advisory, maybe their patches could be used for the 1.0 backports. Hmm, has there been any Mozilla security update for woody? This looks like a *lot* of work. Maybe it's better to take some other distribution's Mozilla 1.4 package and ship that. 8-> -- Current mail filters: many dial-up/DSL/cable modem hosts, and the following domains: atlas.cz, bigpond.com, freenet.de, hotmail.com, libero.it, netscape.net, postino.it, tiscali.co.uk, tiscali.cz, tiscali.it, voila.fr, wanadoo.fr, yahoo.com.