clone 570743 -1 retitle 570743 xulrunner: CVE-2010-0654 cross-origin CSS data theft retitle -1 xulrunner: CVE-2010-0648 redirect target leak forwarded 570743 https://bugzilla.mozilla.org/show_bug.cgi?id=524223 thanks
The first of these, CVE-2010-0654, is fixed in upstream trunk (future 1.9.3.x). A more hackish fix looks like it'll appear in one of the next releases of 1.9.2.x, possibly 1.9.2.4.
Splitting off CVE-2010-0648 into a separate bug, which I don't know anything about.
-Mark -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
