Package: xulrunner Version: 1.9.0.13-0 Severity: serious Tags: security Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for xulrunner. CVE-2007-1970[0]: | Mozilla Firefox does not warn the user about HTTP elements on an HTTPS | page when the HTTP elements are dynamically created by a delayed | document.write, which allows remote attackers to supply | unauthenticated content and conduct phishing attacks. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1970 http://security-tracker.debian.org/tracker/CVE-2007-1970 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
