Package: mozilla-browser
Version: 2:1.5-3
Severity: minor
Tags: security
Please refer to [0]upstream Bug#228176.
The vulnerability is [1]originally found in Internet Explorer,
but Mozilla turned out to be also vulnerable in that its status
bar is spoofed (location bar and properties panel are saf
Package: mozilla-browser
Version: 2:1.5-3
Severity: minor
Tags: security
Please refer to [0]upstream Bug#228176.
The vulnerability is [1]originally found in Internet Explorer,
but Mozilla turned out to be also vulnerable in that its status
bar is spoofed (location bar and properties panel are saf
On Sun, 4 Jan 2004 12:16:57 -0800, Matt Zimmerman wrote:
>On Sat, Jan 03, 2004 at 05:26:41AM +, Nick Boyce wrote:
>
>> DSA 403-1 (http://www.debian.org/security/2003/dsa-403) states that
>> the do_brk security hole was fixed in vanilla kernel 2.4.23, and that
>>
>> "For Debian it has been f
On Sun, 4 Jan 2004 12:16:57 -0800, Matt Zimmerman wrote:
>On Sat, Jan 03, 2004 at 05:26:41AM +, Nick Boyce wrote:
>
>> DSA 403-1 (http://www.debian.org/security/2003/dsa-403) states that
>> the do_brk security hole was fixed in vanilla kernel 2.4.23, and that
>>
>> "For Debian it has been f
Quoting Matt Zimmerman ([EMAIL PROTECTED]):
> More accurately, the installer should have prevented you from falling into
> this trap in the first place. This is one of the many improvements in
> debian-installer.
Excellent point, and I'm glad to hear of it.
--
Cheers, The cyn
On Sun, Jan 04, 2004 at 03:52:16AM -0800, Rick Moen wrote:
> Quoting kuene ([EMAIL PROTECTED]):
>
> > I am very much confused about the names of the kernels and I am not sure
> > if 2.4.18-bf2.4 is still a secure kernel or not.
>
> That's an installer kernel. You should have apt-get installed o
On Sat, Jan 03, 2004 at 05:26:41AM +, Nick Boyce wrote:
> I'd be grateful if someone could please try to deconfuse me about what
> the current stable kernel 2.4.18 source package is ..
>
> DSA 403-1 (http://www.debian.org/security/2003/dsa-403) states that
> the do_brk security hole was fixed
Quoting Matt Zimmerman ([EMAIL PROTECTED]):
> More accurately, the installer should have prevented you from falling into
> this trap in the first place. This is one of the many improvements in
> debian-installer.
Excellent point, and I'm glad to hear of it.
--
Cheers, The cyn
On Sun, Jan 04, 2004 at 03:52:16AM -0800, Rick Moen wrote:
> Quoting kuene ([EMAIL PROTECTED]):
>
> > I am very much confused about the names of the kernels and I am not sure
> > if 2.4.18-bf2.4 is still a secure kernel or not.
>
> That's an installer kernel. You should have apt-get installed o
On Sat, Jan 03, 2004 at 05:26:41AM +, Nick Boyce wrote:
> I'd be grateful if someone could please try to deconfuse me about what
> the current stable kernel 2.4.18 source package is ..
>
> DSA 403-1 (http://www.debian.org/security/2003/dsa-403) states that
> the do_brk security hole was fixed
Incoming from Kjetil Kjernsmo:
>
> Not quite. In addition to the bf-images, there are a bunch of images
> that are architecture-specific. Uhm, packages.debian.org are still
> down, otherwise you could have seen them there. Anyway, do
You don't need p.d.o for that:
(0) keeling /home/keeling_ a
On Sat, 3 Jan 2004 11:16:26 +0100, Maurizio Lemmo wrote:
>On sabato 03 gennaio 2004, alle 05:26, Nick Boyce wrote:
>> I'd be grateful if someone could please try to deconfuse me about what
>> the current stable kernel 2.4.18 source package is ..
>>
>> DSA 403-1 (http://www.debian.org/security/200
Incoming from Kjetil Kjernsmo:
>
> Not quite. In addition to the bf-images, there are a bunch of images
> that are architecture-specific. Uhm, packages.debian.org are still
> down, otherwise you could have seen them there. Anyway, do
You don't need p.d.o for that:
(0) keeling /home/keeling_ a
On Sat, 3 Jan 2004 11:16:26 +0100, Maurizio Lemmo wrote:
>On sabato 03 gennaio 2004, alle 05:26, Nick Boyce wrote:
>> I'd be grateful if someone could please try to deconfuse me about what
>> the current stable kernel 2.4.18 source package is ..
>>
>> DSA 403-1 (http://www.debian.org/security/200
On Sunday 04 January 2004 16:52, kuene wrote:
> only the kernel images are not pachted.
> so the kernel image packages are the only packages with security
> holes in it. even if you run debian-stable.
> is this right?
Not quite. In addition to the bf-images, there are a bunch of images
that are a
* kuene [Sun, 04 Jan 2004 16:52:18 +0100]:
> hi
> thank you very much.
> this clears things for me. :)
I think it just obscured them a little too much. I'll try to clean up
the mess, hope not to make another one ;-). [Please somebody correct me
if I'm wrong about something.]
> summary:
> in debia
hi
thank you very much.
this clears things for me. :)
summary:
in debian stable every package with security holes is patched.
only the kernel images are not pachted.
so the kernel image packages are the only packages with security holes
in it. even if you run debian-stable.
is this right?
this so
On Sunday 04 January 2004 16:52, kuene wrote:
> only the kernel images are not pachted.
> so the kernel image packages are the only packages with security
> holes in it. even if you run debian-stable.
> is this right?
Not quite. In addition to the bf-images, there are a bunch of images
that are a
* kuene [Sun, 04 Jan 2004 16:52:18 +0100]:
> hi
> thank you very much.
> this clears things for me. :)
I think it just obscured them a little too much. I'll try to clean up
the mess, hope not to make another one ;-). [Please somebody correct me
if I'm wrong about something.]
> summary:
> in debia
hi
thank you very much.
this clears things for me. :)
summary:
in debian stable every package with security holes is patched.
only the kernel images are not pachted.
so the kernel image packages are the only packages with security holes
in it. even if you run debian-stable.
is this right?
this so
Quoting kuene ([EMAIL PROTECTED]):
> I am very much confused about the names of the kernels and I am not sure
> if 2.4.18-bf2.4 is still a secure kernel or not.
That's an installer kernel. You should have apt-get installed one more
appropriate to your machine architecture immediately following t
Quoting kuene ([EMAIL PROTECTED]):
> I am very much confused about the names of the kernels and I am not sure
> if 2.4.18-bf2.4 is still a secure kernel or not.
That's an installer kernel. You should have apt-get installed one more
appropriate to your machine architecture immediately following t
22 matches
Mail list logo