Debian Package Tracker

From: Alexander Sack <asac@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted mozilla 2:1.7.8-1sarge7.1 (source i386)
Date: Wed, 30 Aug 2006 23:05:13 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 15 Jun 2006 14:00:00 +0100
Source: mozilla
Binary: mozilla mozilla-calendar mozilla-dom-inspector libnspr4 mozilla-js-debugger mozilla-browser libnss3 libnspr-dev mozilla-chatzilla mozilla-psm mozilla-mailnews libnss-dev mozilla-dev
Architecture: source i386
Version: 2:1.7.8-1sarge7.1
Distribution: stable-security
Urgency: critical
Maintainer: Takuo KITAME <kitame@debian.org>
Changed-By: Alexander Sack <asac@debian.org>
Description: 
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4   - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3    - Network Security Service Libraries - runtime
 mozilla    - The Mozilla Internet application suite - meta package
 mozilla-browser - The Mozilla Internet application suite - core and browser
 mozilla-calendar - Todo organizer,calendar and reminder,integrated with Mozilla suit
 mozilla-chatzilla - Mozilla Web Browser - irc client
 mozilla-dev - The Mozilla Internet application suite - development files
 mozilla-dom-inspector - A tool for inspecting the DOM of pages in Mozilla.
 mozilla-js-debugger - JavaScript debugger for use with Mozilla
 mozilla-mailnews - The Mozilla Internet application suite - mail and news support
 mozilla-psm - The Mozilla Internet application suite - Personal Security Manage
Changes: 
 mozilla (2:1.7.8-1sarge7.1) stable-security; urgency=critical
 .
   * dropped mozilla 1.7.14 patches in debian/patches that fix various
     security issues:
     + CVE-2006-2787     : 1_0001-mfsa2006-31-319263-336601-336313.txt
     + CVE-2006-2786 1/2 : 1_0002-mfsa2006-33-Part-1-2-329746.txt
     + CVE-2006-2786 2/2 : 1_0003-mfsa2006-33-Part-2-2-330214.txt
     + CVE-2006-2785 2/2 : 1_0004-mfsa2006-34-Part2-2-329521-suite.txt
     + CVE-2006-2775     : 1_0005-mfsa2006-35-329677.txt
                           1_0023-mfsa2006-35-335142-regression-1-2-for-329677.txt
                           1_0024-mfsa2006-35-337841-regression-part-2-2-for-329677.txt
     + CVE-2006-2784     : 1_0006-mfsa2006-36-330037.txt
     + CVE-2006-2776     : 1_0007-mfsa2006-37-330773-with-belt-and-braces.txt
     + CVE-2006-2778     : 1_0008-mfsa2006-38-330897.txt
     + CVE-2006-1942     : 1_0009-mfsa2006-39-CVE-2006-1942-334341-suite.txt
     + CVE-2006-2781     : 1_0010-mfsa2006-40-334384.txt
     + CVE-2006-2782     : 1_0011-mfsa2006-41-334977.txt
     + CVE-2006-2783     : 1_0012-mfsa2006-42-335816.txt
     + CVE-2006-2777     : 1_0013-mfsa2006-43-336830.txt
     + CVE-2006-2779 3/6 : 1_0014-mfsa2006-32-Part-3-7-326501.txt
     + CVE-2006-2779 4/6 : 1_0015-mfsa2006-32-Part-4a-7-326931.txt
     + CVE-2006-2785 2/2 : 1_0015-mfsa2006-34-Part-1-2-xpfe-329468-suite.txt
     + CVE-2006-2779 4/6 : 1_0016-mfsa2006-32-Part-4b-7-329219.txt
     + CVE-2006-2779 4/6 : 1_0017-mfsa2006-32-Part-4c-7-330818-proper-aviary.txt
     + CVE-2006-2779 6/6 : 1_0018-mfsa2006-32-Part-6-7-332971.txt
     + CVE-2006-2780     : 1_0019-js-src-jsstr.c-335535-mfsa2006-32-Part-7-7.txt
     + CVE-2006-2779 5/6 : 1_0021-mfsa2006-32-Part-5-7-327712.txt
   * Note: CVE-2006-2779 (mfsa2006-32) is only partially fixed. Missing are
     tricky parts 1/6 and 2/6 from advisory:
      1/6: Removing nested <option>s from a select (Jesse Ruderman)
        https://bugzilla.mozilla.org/show_bug.cgi?id=324918
      2/6: 'Crashes during DOMNodeRemoved mutation event'
        https://bugzilla.mozilla.org/show_bug.cgi?id=325730
        https://bugzilla.mozilla.org/show_bug.cgi?id=329982
Files: 
 473562c669e27793809fd76034b5e9de 1127 web optional mozilla_1.7.8-1sarge7.1.dsc
 6d4f73fb299451760cbf05974d36753a 498361 web optional mozilla_1.7.8-1sarge7.1.diff.gz
 8f01d06ab6028c5b908dd5594e1d1c14 1032 web optional mozilla_1.7.8-1sarge7.1_i386.deb
 e281b8fb2b04eb6f788654557efb8f94 10336772 web optional mozilla-browser_1.7.8-1sarge7.1_i386.deb
 db6a4633ec5db81ce6e0bd1d9bf95193 3594164 devel optional mozilla-dev_1.7.8-1sarge7.1_i386.deb
 10fd0769547b8342fcf833182c66f7cd 1816096 mail optional mozilla-mailnews_1.7.8-1sarge7.1_i386.deb
 a8a7f9c96a21287704a76ff3e5455335 158352 net optional mozilla-chatzilla_1.7.8-1sarge7.1_i386.deb
 9f757a02bfa0e741b4d131191ac3bed1 192634 web optional mozilla-psm_1.7.8-1sarge7.1_i386.deb
 fade783b8720425b0f05004c6d9632ef 116702 web optional mozilla-dom-inspector_1.7.8-1sarge7.1_i386.deb
 e173db0beb2598ea64ac80262b8043e4 204170 devel optional mozilla-js-debugger_1.7.8-1sarge7.1_i386.deb
 5db7402ffdb5b6523fa43d1c89944907 403504 misc optional mozilla-calendar_1.7.8-1sarge7.1_i386.deb
 5a5c0d8e7e0614ee02c182983e8d8656 136984 libs optional libnspr4_1.7.8-1sarge7.1_i386.deb
 5956d005059fd107818f8035fa9ffbf2 170346 libdevel optional libnspr-dev_1.7.8-1sarge7.1_i386.deb
 74ebef87c001e89d4a2e8d45c9910e13 661744 libs optional libnss3_1.7.8-1sarge7.1_i386.deb
 74f8739619d8ae81b1fe30d0668b8a58 187138 libdevel optional libnss-dev_1.7.8-1sarge7.1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFEonvFv8pLOKgkuT8RAv6LAJ4zQtN7UWOsTSNZe94EeVgrzfxf3QCfYXsb
8R4/AJ9t7fnT83d5ekTxT0c=
=ezEE
-----END PGP SIGNATURE-----


Accepted:
libnspr-dev_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/libnspr-dev_1.7.8-1sarge7.1_i386.deb
libnspr4_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/libnspr4_1.7.8-1sarge7.1_i386.deb
libnss-dev_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/libnss-dev_1.7.8-1sarge7.1_i386.deb
libnss3_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/libnss3_1.7.8-1sarge7.1_i386.deb
mozilla-browser_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla-browser_1.7.8-1sarge7.1_i386.deb
mozilla-calendar_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla-calendar_1.7.8-1sarge7.1_i386.deb
mozilla-chatzilla_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla-chatzilla_1.7.8-1sarge7.1_i386.deb
mozilla-dev_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla-dev_1.7.8-1sarge7.1_i386.deb
mozilla-dom-inspector_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge7.1_i386.deb
mozilla-js-debugger_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge7.1_i386.deb
mozilla-mailnews_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge7.1_i386.deb
mozilla-psm_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla-psm_1.7.8-1sarge7.1_i386.deb
mozilla_1.7.8-1sarge7.1.diff.gz
  to pool/main/m/mozilla/mozilla_1.7.8-1sarge7.1.diff.gz
mozilla_1.7.8-1sarge7.1.dsc
  to pool/main/m/mozilla/mozilla_1.7.8-1sarge7.1.dsc
mozilla_1.7.8-1sarge7.1_i386.deb
  to pool/main/m/mozilla/mozilla_1.7.8-1sarge7.1_i386.deb
News for package mozilla
