Hello *, On Wed, Jun 22, 2005 at 11:26:50AM -0400, Ralph Katz wrote: > It's curious that firefox 1.0.4-3 in sid has a security patch for the > frame injection spoofing bug, but there is no security release for > 1.0.4-2 in sarge. > > >From http://packages.qa.debian.org/m/mozilla-firefox/news/1.html : > > > Fix injection spoofing, patch from bz#296850. Fixes CAN-2004-0718. > > Comments?
I can't really comment on this. It's entirely up to the security team when they'll release DSAs. Possibly there are still some issues that need to be resolved, but I don't know. All I've heard is that apparently the infrastructure seems to be intact... Cheers, Flo
signature.asc
Description: Digital signature
