Your message dated Fri, 11 Jul 2008 23:17:25 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#489961: iceweasel: Iceweasel crash in Gmail chat with
pop-out window
has caused the Debian Bug report #489961,
regarding iceweasel: Iceweasel crash in Gmail chat with pop-out window
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
489961: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489961
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: iceweasel
Version: 2.0.0.14-0etch1
Severity: grave
Tags: security
Justification: user security hole
The following steps are necessary to reproduce this problem:
1. Log-in on your Gmail account
2. Open Gmail chat with any other user
3. Press the "pop-out" button
4. Close the pop-out window
Doing so, you should see Iceweasel (Forefox) crash
While it is possible that Google relies on some non-standard feature,
the crash itself indicates the secutiry problem inside of Iceweasel.
I have tried with Firefox 2.10.15 with the same result. Also, I have
heard from a friend of mine that the problem exists with Firefox 2.0
on Windows XP. So, the problem is not Debian specific, yet the problem
indicates the present a potential security hold inside of the browser,
which should be addressed.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-k7
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Versions of packages iceweasel depends on:
ii debianutils 2.17 Miscellaneous utilities specific t
ii fontconfig 2.4.2-1.2 generic font configuration library
ii libatk1.0-0 1.12.4-3 The ATK accessibility toolkit
ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries
ii libcairo2 1.2.4-4.1+etch1 The Cairo 2D vector graphics libra
ii libfontconfig1 2.4.2-1.2 generic font configuration library
ii libfreetype6 2.2.1-5+etch2 FreeType 2 font engine, shared lib
ii libgcc1 1:4.1.1-21 GCC support library
ii libglib2.0-0 2.12.4-2 The GLib library of C routines
ii libgtk2.0-0 2.8.20-7 The GTK+ graphical user interface
ii libjpeg62 6b-13 The Independent JPEG Group's JPEG
ii libmyspell3c2 1:3.1-18 MySpell spellchecking library
ii libpango1.0-0 1.14.8-5 Layout and rendering of internatio
ii libpng12-0 1.2.15~beta5-1 PNG library - runtime
ii libstdc++6 4.1.1-21 The GNU Standard C++ Library v3
ii libx11-6 2:1.0.3-7 X11 client-side library
ii libxft2 2.1.8.2-8 FreeType-based font drawing librar
ii libxinerama1 1:1.0.1-4.1 X11 Xinerama extension library
ii libxp6 1:1.0.0.xsf1-1 X Printing Extension (Xprint) clie
ii libxrender1 1:0.9.1-3 X Rendering Extension client libra
ii libxt6 1:1.0.2-2 X11 toolkit intrinsics library
ii psmisc 22.3-1 Utilities that use the proc filesy
ii zlib1g 1:1.2.3-13 compression library - runtime
iceweasel recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 2.0.0.15-0etch1
Dmitry Potapov wrote:
> Hello Moritz,
>
> Installing the security upgrade (Iceweasel 2.0.0.15-0etch1) fixed this
> problem. So, the bug can be considered closed.
Thanks for your feedback, closing.
Cheers,
Moritz
--- End Message ---
