On Wed, 16 Dec 2009 16:37:44 +0200, Yavor Doganov wrote: > block 560871 with 560108 > block 560871 with 560870 > forwarded 560871 > http://sourceforge.jp/projects/kazehakase/lists/archive/devel/2009-December/002871.html > thanks > > I confirm that all versions of kazehakase are affected. But TBH, I > don't see an obvious way to fix this in Kz itself. I'm not tagging > the bug "wontfix", because I'm not entirely sure there is no way to > fix it -- maybe there is, it's just that I don't see it. > > If this issue was known for some time, why there's no CVE assigned? > Maybe it's not so serious, otherwise there would be great disturbance > in the Web, no? > > I hope that this bug gets downgraded or at least granted a > squeeze-ignore tag -- it would be a shame if kazahekase is excluded > from the release just because of this bug. As you say, all > CSS-capable browsers are affected.
you can safely downgrade to important. that's what xulrunner did. as far is i am aware, there is no existing solution, but that doesn't mean that there could be one. someone just needs to look at the problem and figure it out. i think this has a reasonable bad impact because users expect their browsing history to be kept private, and the current behavior is violating their trust. mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
