Debian Package Tracker

From: Takuo KITAME <kitame@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted mozilla 2:1.7.6-1 (i386 source)
Date: Wed, 23 Mar 2005 13:32:24 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 24 Mar 2005 01:34:42 +0900
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.6-1
Distribution: unstable
Urgency: low
Maintainer: Takuo KITAME <kitame@debian.org>
Changed-By: Takuo KITAME <kitame@debian.org>
Description: 
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4   - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3    - Network Security Service Libraries - runtime
 mozilla    - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Closes: 215394 265928 270783 277504 279200 285611 290451 290863 293663 294274 297216 297618 297619 297620 300090 300978
Changes: 
 mozilla (2:1.7.6-1) unstable; urgency=low
 .
   * New upstream release
   * fix some security issues.
     - CAN-2005-0233: IDN support allows domainname spooing (closes: #294274)
     - CAN-2005-0592: Heap-based bufer over flow (closes: #297619)
     - CAN-2004-1156: secunia window injection vulnerability (closes: #293663)
     - MFSA-2005-18: Mozilla Firefox and Mozilla Browser Out Of Memory Heap Corruption Design Error
     - CAN-2005-0593: SSL "secure site" indicator spoofing (closes: #297618)
     - CAN-2005-0588: does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain.
     - CAN-2005-0587: allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.
     - CAN-2005-0586: allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header
     - CAN-2005-0585: truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks.
     - CAN-2005-0584: when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks. (closes: #297620)
   * change binary name to mozilla-suite rom mozilla-VERSION (closes: #285611,#277504,#215394)
   * applied over the spot patch (closes: #290863)
   * added debian/po/it.po (closes: #279200)
   * added debian/po/nl.po (closes: #270783)
   * update debian/po/fi.po (closes: #265928)
   * remove run-mozilla.sh (closes: #297216, #300090)
   * update xprint dependency (closes: #300978)
   * use readlink(1) instead of perl's. (closes: #290451)
Files: 
 03f9b7cf7250d2bfa894fd264306b6ab 1111 web optional mozilla_1.7.6-1.dsc
 800f8d3877193a5d786d9ce4e3d1e400 30587697 web optional mozilla_1.7.6.orig.tar.gz
 15b76e937aa59308670c5afbaba7fd1f 303435 web optional mozilla_1.7.6-1.diff.gz
 70e9de0a98277fb0899227bebba665ab 1028 web optional mozilla_1.7.6-1_i386.deb
 97f99f437701e242220fa9de5a7c3bdf 10280282 web optional mozilla-browser_1.7.6-1_i386.deb
 8fc77a77186e461c480b8455c9272281 3343978 devel optional mozilla-dev_1.7.6-1_i386.deb
 0d6d79f4b70dd7d3cd58ad69829c4d91 1811052 mail optional mozilla-mailnews_1.7.6-1_i386.deb
 7881b2b481782364b1cb8a30cc454cf5 158318 net optional mozilla-chatzilla_1.7.6-1_i386.deb
 68e7c2c1c5ae79b1ae7bd0efbb75467e 192294 web optional mozilla-psm_1.7.6-1_i386.deb
 6b746476168989818eddd61e2d926acb 116194 web optional mozilla-dom-inspector_1.7.6-1_i386.deb
 f1925702d98df3ae51f28abe8f72c9b8 204124 devel optional mozilla-js-debugger_1.7.6-1_i386.deb
 5684fcb1e872312398fa3572157d8ffd 403270 misc optional mozilla-calendar_1.7.6-1_i386.deb
 db7397110795bc26f3ff049ad5cb0b26 129784 libs optional libnspr4_1.7.6-1_i386.deb
 4df0474571e6206ffeb96f1847857598 168060 libdevel optional libnspr-dev_1.7.6-1_i386.deb
 76106353331539e79d10e133498699d4 653648 libs optional libnss3_1.7.6-1_i386.deb
 3093fc70ca1754bf1506cc7c000b5106 184920 libdevel optional libnss-dev_1.7.6-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCQbO+U+WZW1FVMwoRAnxyAJ92vH1aYBcYDcyKE3UaKjHUGTT7fACfaXuH
hsFMT2ZhkOqrng0p3NOEBu0=
=zlfK
-----END PGP SIGNATURE-----


Accepted:
libnspr-dev_1.7.6-1_i386.deb
  to pool/main/m/mozilla/libnspr-dev_1.7.6-1_i386.deb
libnspr4_1.7.6-1_i386.deb
  to pool/main/m/mozilla/libnspr4_1.7.6-1_i386.deb
libnss-dev_1.7.6-1_i386.deb
  to pool/main/m/mozilla/libnss-dev_1.7.6-1_i386.deb
libnss3_1.7.6-1_i386.deb
  to pool/main/m/mozilla/libnss3_1.7.6-1_i386.deb
mozilla-browser_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla-browser_1.7.6-1_i386.deb
mozilla-calendar_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla-calendar_1.7.6-1_i386.deb
mozilla-chatzilla_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla-chatzilla_1.7.6-1_i386.deb
mozilla-dev_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla-dev_1.7.6-1_i386.deb
mozilla-dom-inspector_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla-dom-inspector_1.7.6-1_i386.deb
mozilla-js-debugger_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla-js-debugger_1.7.6-1_i386.deb
mozilla-mailnews_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla-mailnews_1.7.6-1_i386.deb
mozilla-psm_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla-psm_1.7.6-1_i386.deb
mozilla_1.7.6-1.diff.gz
  to pool/main/m/mozilla/mozilla_1.7.6-1.diff.gz
mozilla_1.7.6-1.dsc
  to pool/main/m/mozilla/mozilla_1.7.6-1.dsc
mozilla_1.7.6-1_i386.deb
  to pool/main/m/mozilla/mozilla_1.7.6-1_i386.deb
mozilla_1.7.6.orig.tar.gz
  to pool/main/m/mozilla/mozilla_1.7.6.orig.tar.gz


-- 
To UNSUBSCRIBE, email to debian-devel-changes-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
News for package mozilla
