Your message dated Mon, 20 Jan 2014 23:46:15 +0000 with message-id <[email protected]> and subject line Bug#736165: Removed package(s) from unstable has caused the Debian Bug report #142317, regarding mozilla-browser: strange middlemouse behavior leads to security problem to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 142317: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=142317 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: mozilla-browser Version: 2:0.9.9-4pre5v4 Severity: grave Tags: security Justification: user security hole The default mozilla behavior attempts to use the clipboard paste buffer as a URL whenever the middle mouse button is pressed anywhere in the display window, even if the clipboard contents are manifestly *not* a URL (selected web page text, emacs buffer contents, shell commands, etc.) This frequently causes the user's private data in the clipboard to be accidentally sent across the network, either to search servers or to the DNS. Therefore I am calling this a security bug which exposes user data. The fix is simple: add the line user_pref("middlemouse.contentLoadURL", false); to /etc/mozilla/prefs.js to turn off this "feature". Mozilla bugzilla bug 85677 has more information; see especially comments 11, 14, and 15. http://bugzilla.mozilla.org/show_bug.cgi?id=85677 -- System Information Debian Release: 3.0 Architecture: i386 Kernel: Linux skiffserv 2.4.17 #1 Fri Feb 8 14:08:32 EST 2002 i686 Locale: LANG=C, LC_CTYPE=C Versions of packages mozilla-browser depends on: ii debconf 1.0.32 Debian configuration management sy ii libc6 2.2.5-4 GNU C Library: Shared libraries an ii libglib1.2 1.2.10-ximian.2 The GLib library of C routines ii libgtk1.2 1.2.10-ximian.21 The GIMP Toolkit set of widgets fo ii libjpeg62 6b-5 The Independent JPEG Group's JPEG ii libnspr4 2:0.9.9-4pre5v4 Netscape Portable Runtime Library ii libstdc++2.10-glibc2.2 1:2.95.4-5 The GNU stdc++ library ii xlibs 4.1.0-15 X Window System client libraries ii zlib1g 1:1.1.4-1 compression library - runtime
--- End Message ---
--- Begin Message ---Version: 2.7.12-1+rm Dear submitter, as the package iceape has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/736165 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]. Debian distribution maintenance software pp. Ansgar Burchardt (the ftpmaster behind the curtain)
--- End Message ---

