Back to mozilla PTS page

Accepted mozilla 2:1.7.8-1sarge8 (source i386)

To: debian-changes@lists.debian.org
Subject: Accepted mozilla 2:1.7.8-1sarge8 (source i386)
From: Mike Hommey <glandium@debian.org>
Date: Sat, 17 Feb 2007 12:10:16 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1HIOOO-0005Qw-Bj@ries.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <dak@ftp-master.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 13 Nov 2006 20:47:34 +0100
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.8-1sarge8
Distribution: stable-security
Urgency: critical
Maintainer: Mike Hommey <glandium@debian.org>
Changed-By: Mike Hommey <glandium@debian.org>
Description: 
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4   - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3    - Network Security Service Libraries - runtime
 mozilla    - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Changes: 
 mozilla (2:1.7.8-1sarge8) stable-security; urgency=critical
 .
   * Security update to backport the fixes from Mozilla branch 1.8.0.8.
 .
   * 4_0014-MFSA2006-65-CVE-2006-5464-Part-1-310267.patch,
     4_0015-MFSA2006-65-CVE-2006-5464-Part-2-350370.patch,
     4_0016-MFSA2006-65-CVE-2006-5464-Part-3-307809.patch,
     4_0018-MFSA2006-65-CVE-2006-5464-Part-4-351328.patch: Fixes for
     CVE-2006-5464 aka first part of mfsa2006-65 (Crashes with evidence
     of memory corruption (rv:1.8.0.8)).
   * 4_0001-MFSA2006-65-CVE-2006-5748-Part-1-350238.patch,
     4_0002-MFSA2006-65-CVE-2006-5748-Part-2-351973.patch,
     4_0005-MFSA2006-65-CVE-2006-5748-Part-3-352606.patch,
     4_0008-MFSA2006-65-CVE-2006-5748-Part-4-349527.patch,
     4_0010-MFSA2006-65-CVE-2006-5748-Part-5-354924.patch: Fixes for
     CVE-2006-5748 aka last part of mfsa2006-65 (Crashes with evidence
     of memory corruption (rv:1.8.0.8)).
   * 4_0019-MFSA2006-66-CVE-2006-5462-356215.patch: Fix for "RSA Signature
     Forgery (variant)", CVE-2006-5462 aka mfsa2006-66.
   * 4_0020-MFSA2006-67-CVE-2006-5463-355655.patch: Fix for "Running Script
     can be recompiled", CVE-2006-5463 aka mfsa2006-67.
   * 4_0006-noMFSA-CVE-2006-4310-351255.patch: Fix for CVE-2006-4310
     (Remote DOS in FTP error handling), from bz#351255.
   * 4_0003-noMFSA-353264.patch,
     4_0011-noMFSA-313400.patch,
     4_0012-noMFSA-353704.patch,
     4_0013-noMFSA-352264.patch,
     4_0017-noMFSA-350524.patch: Many patches to fix crashes that can be
     triggered by malicious pages, no mfsa. bz#313400, bz#350524, bz#352264,
     bz#353264, bz#353704.
   * 4_0004-noMFSA-regression-fix-352873.patch: Fixes a regression introduced
     by a previous security update. bz#352873.
   * 4_0007-noMFSA-337744.patch: Protocol parsing tightening to avoid reading
     from the filesystem by unexpected resource or chrome urls. bz#337744.
   * 4_0009-noMFSA-334110.patch: A fix that goes along fixing a buffer
     overflow in libpng. bz#334110.
Files: 
 a6f4c7ddbcb0d9126d4e0a81fda4059a 1124 web optional mozilla_1.7.8-1sarge8.dsc
 77a056d9582389d1a31de1136dd7a0a2 574770 web optional mozilla_1.7.8-1sarge8.diff.gz
 fd2f5c0d987df8a32ab9818ff0a2d968 1036 web optional mozilla_1.7.8-1sarge8_i386.deb
 db2f25cbb471e5387de1aeef7e176f7e 10315404 web optional mozilla-browser_1.7.8-1sarge8_i386.deb
 081bfa3f5e9b81894f5a147ec05298ab 3348734 devel optional mozilla-dev_1.7.8-1sarge8_i386.deb
 790f8577dc06fc90034945919a949ac7 1811294 mail optional mozilla-mailnews_1.7.8-1sarge8_i386.deb
 fde8eec72729840210de689b2a343a51 158358 net optional mozilla-chatzilla_1.7.8-1sarge8_i386.deb
 592adc759e44972dacdc85ebe1296a63 192634 web optional mozilla-psm_1.7.8-1sarge8_i386.deb
 5bb8e35c9cf6bcf73572e1307d4e036f 116236 web optional mozilla-dom-inspector_1.7.8-1sarge8_i386.deb
 bb709199707869539300ae4ace073983 204172 devel optional mozilla-js-debugger_1.7.8-1sarge8_i386.deb
 b3bf4d34d9a51f3f1708b06c70901cf3 403286 misc optional mozilla-calendar_1.7.8-1sarge8_i386.deb
 89380d80fe8f7e985a9307a9a677bc3e 138378 libs optional libnspr4_1.7.8-1sarge8_i386.deb
 fead516428ff54afba8fb9ffeb6107b7 168078 libdevel optional libnspr-dev_1.7.8-1sarge8_i386.deb
 a2f137e0d9c3c8a936a7ef1393de2955 662194 libs optional libnss3_1.7.8-1sarge8_i386.deb
 0abd8dfb25de28cb50c5e58648a0ff3a 184968 libdevel optional libnss-dev_1.7.8-1sarge8_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFWiTD3kvaLFT9KlgRAgKdAJkBuIKhQ+MH1nRbQFPdc9TpGk6zSgCfackg
qXBlpoy4IhcyWL1KM9XF200=
=qqIP
-----END PGP SIGNATURE-----


Accepted:
libnspr-dev_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/libnspr-dev_1.7.8-1sarge8_i386.deb
libnspr4_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/libnspr4_1.7.8-1sarge8_i386.deb
libnss-dev_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/libnss-dev_1.7.8-1sarge8_i386.deb
libnss3_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/libnss3_1.7.8-1sarge8_i386.deb
mozilla-browser_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla-browser_1.7.8-1sarge8_i386.deb
mozilla-calendar_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla-calendar_1.7.8-1sarge8_i386.deb
mozilla-chatzilla_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge8_i386.deb
mozilla-dev_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla-dev_1.7.8-1sarge8_i386.deb
mozilla-dom-inspector_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge8_i386.deb
mozilla-js-debugger_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge8_i386.deb
mozilla-mailnews_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge8_i386.deb
mozilla-psm_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla-psm_1.7.8-1sarge8_i386.deb
mozilla_1.7.8-1sarge8.diff.gz
  to pool/main/m/mozilla/mozilla_1.7.8-1sarge8.diff.gz
mozilla_1.7.8-1sarge8.dsc
  to pool/main/m/mozilla/mozilla_1.7.8-1sarge8.dsc
mozilla_1.7.8-1sarge8_i386.deb
  to pool/main/m/mozilla/mozilla_1.7.8-1sarge8_i386.deb