package: xulrunner version: 1.9.0.13-0 severity: serious tags: security hi,
it has been disclosed that it is possible for any website to query the user's site viewing history via css. please see [0]. i have not personally checked whether this package is vulnerable, but it seems to be a general css design issue, so all css-supporting browsers are likely affected. please check, and feel free to close the bug if the package is not affected. thanks. mike [0] http://thecoffeedesk.com/news/index.php/2009/08/02/view-remote-browser-history/ -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
