Bug#447734: libxul0d: vulnerable to CVE-2007-5339

[Sam Morris]

Package: libxul0d
Version: 1.8.1.6-1
Severity: grave
Tags: security
Justification: user security hole

Although <http://security-tracker.debian.net/tracker/CVE-2007-5339>
states that no packages in unstable are vulnerable to this bug, I just
tested Epiphany against it at <http://bcheck.scanit.be/bcheck/> and it
managed to crash my browser.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (540, 'stable'), (520, 'testing'), (510, 'unstable'), (1, 
'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22-2-k7
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages libxul0d depends on:
ii  libatk1.0-0             1.20.0-1         The ATK accessibility toolkit
ii  libc6                   2.6.1-1+b1       GNU C Library: Shared libraries
ii  libcairo2               1.4.10-1         The Cairo 2D vector graphics libra
ii  libfontconfig1          2.4.2-1.2        generic font configuration library
ii  libfreetype6            2.3.5-1+b1       FreeType 2 font engine, shared lib
ii  libgcc1                 1:4.2.2-3        GCC support library
ii  libglib2.0-0            2.14.1-5         The GLib library of C routines
ii  libgtk2.0-0             2.12.1-1         The GTK+ graphical user interface 
ii  libhunspell-1.1-0       1.1.9-1          spell checker and morphological an
ii  libjpeg62               6b-13            The Independent JPEG Group's JPEG 
ii  libmozjs0d              1.8.1.6-1        The Mozilla SpiderMonkey JavaScrip
ii  libnspr4-0d             4.6.7-1          NetScape Portable Runtime Library
ii  libnss3-0d              3.11.7-1         Network Security Service libraries
ii  libpango1.0-0           1.18.2-1         Layout and rendering of internatio
ii  libpng12-0              1.2.15~beta5-1   PNG library - runtime
ii  libstdc++6              4.2.2-3          The GNU Standard C++ Library v3
ii  libx11-6                2:1.0.3-7        X11 client-side library
ii  libxft2                 2.1.12-2         FreeType-based font drawing librar
ii  libxinerama1            1:1.0.2-1        X11 Xinerama extension library
ii  libxrender1             1:0.9.4-1        X Rendering Extension client libra
ii  libxt6                  1:1.0.2-2        X11 toolkit intrinsics library
ii  libxul-common           1.8.1.6-1        Gecko engine library - common file
ii  zlib1g                  1:1.2.3.3.dfsg-6 compression library - runtime

libxul0d recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]