package: qt4-x11 version: 4:4.5.3-4 severity: important tags: security hi,
it has been disclosed that it is possible for any website to query the user's site viewing history via css. please see [0]. i have not personally checked whether this package is vulnerable, but it seems to be a general css design issue, so all css-supporting browsers are likely affected. please check, and feel free to close the bug if the package is not affected. thanks. mike [0] http://thecoffeedesk.com/news/index.php/2009/08/02/view-remote-browser-history/ Hi, Your package embeds source code from xulrunner, which makes security updates very cumbersome, difficult, and potentially error-prone. Please update your package to make use of the shared library. Thank you for your attention on this matter. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-qt-kde-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
