Your message dated Mon, 11 Jun 2007 07:47:39 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#428320: iceweasel needs some security fixes
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package: iceweasel
Version: 2.0.0.3-1
Severity: critical
Tags: security
- --- Please enter the report below this line. ---
A few days ago Mozilla released an update for their Firefox browser.
They mainly fixed some security holes in their browser. I am able to
confirm some of these with iceweasel so I believe it hasn't been fixed
yet. Below there are the advisories from Mozilla. Patches should be
available on their site.
http://www.mozilla.org/security/announce/2007/mfsa2007-17.html
http://www.mozilla.org/security/announce/2007/mfsa2007-16.html
http://www.mozilla.org/security/announce/2007/mfsa2007-12.html
- --- System information. ---
Architecture: amd64
Kernel: Linux 2.6.18-4-amd64
Debian Release: 4.0
500 stable www.debian-multimedia.org
500 stable volatile.debian.org
500 stable security.debian.org
500 stable mirror.noreply.org
500 stable ftp.de.debian.org
- --- Package information. ---
Depends (Version) | Installed
================================-+-==============
fontconfig | 2.4.2-1.2
psmisc | 22.3-1
debianutils (>= 1.16) | 2.17
libatk1.0-0 (>= 1.12.2) | 1.12.4-3
libc6 (>= 2.3.5-1) | 2.3.6.ds1-13
libcairo2 (>= 1.2.4) | 1.2.4-4
libfontconfig1 (>= 2.4.0) | 2.4.2-1.2
libfreetype6 (>= 2.2) | 2.2.1-5
libglib2.0-0 (>= 2.12.0) | 2.12.4-2
libgtk2.0-0 (>= 2.8.0) | 2.8.20-7
libjpeg62 | 6b-13
libmyspell3c2 | 1:3.1-18
libpango1.0-0 (>= 1.14.8) | 1.14.8-5
libpng12-0 (>= 1.2.13-4) | 1.2.15~beta5-1
libstdc++6 (>= 4.1.1-12) | 4.1.1-21
libx11-6 | 2:1.0.3-7
libxft2 (>> 2.1.1) | 2.1.8.2-8
libxinerama1 | 1:1.0.1-4.1
libxp6 | 1:1.0.0.xsf1-1
libxrender1 | 1:0.9.1-3
libxt6 | 1:1.0.2-2
zlib1g (>= 1:1.2.1) | 1:1.2.3-13
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGbEfAdLotVz959dkRCuJrAJ4sAndT9P+uaLcWRw2GA2DK/CGVnwCfTZ0x
FM6BRFkDFJfUV8W4N53M84Q=
=ZTmG
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Version: 2.0.0.4-0etch1
Version: 2.0.0.4-1
On Sun, Jun 10, 2007 at 08:50:59PM +0200, Helmut Pozimski <[EMAIL PROTECTED]>
wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Package: iceweasel
> Version: 2.0.0.3-1
> Severity: critical
> Tags: security
>
> - --- Please enter the report below this line. ---
> A few days ago Mozilla released an update for their Firefox browser.
> They mainly fixed some security holes in their browser. I am able to
> confirm some of these with iceweasel so I believe it hasn't been fixed
> yet. Below there are the advisories from Mozilla.
Try upgrading to iceweasel 2.0.0.4, which has hit the archive in
unstable, or wait for a few days for the etch security update to be
available.
> Patches should be available on their site.
FWIW, Mozilla doesn't provide individual patches for security issues.
You can only get the new version tarballs, which usually also contains
feature fixes or other random changes.
Mike
--- End Message ---
