* Geoff Crompton ([EMAIL PROTECTED]) wrote: > Package: mozilla-firefox > Version: 1.0.4-2sarge5 > Severity: important > > No CVE yet, seen at http://www.securityfocus.com/bid/16741. Affects firefox > 1.0 through to 1.5 > > The bid has a html snippet that triggers it, which I've not reproduced here. I > tried the snippet, and it immediately crashed my browser. > > Lots of discussion at https://bugzilla.mozilla.org/show_bug.cgi?id=269095 > Mind you, reading some of that makes it easy to understand why it is > really hard to backport patches.
This has been fixed in firefox 1.5.0.1, and since it's only a DOS and not exploitable, I don't think the security team will want to bother with a DSA. -- Eric Dorland <[EMAIL PROTECTED]> ICQ: #61138586, Jabber: [EMAIL PROTECTED] 1024D/16D970C6 097C 4861 9934 27A0 8E1C 2B0A 61E9 8ECF 16D9 70C6 -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ G e h! r- y+ ------END GEEK CODE BLOCK------
signature.asc
Description: Digital signature
