Hi, I went through the CVE list on the security tracker, and noted 2 CVEs marked as vulnerable in testing/unstable while it is not the case: - CVE-2009-4630 was fixed during the gecko 1.9.1 development cycle, and as such was already fixed in all 2.x versions of iceape and 1.9.1.x and 1.9.2.x versions of xulrunner. - CVE-2010-0182 was fixed in xulrunner 1.9.1.9-1, but I had to leave it out of the changelog because at the time I wrote it, the equivalent MFSA information was broken on mozilla.org, and I couldn't know what CVE it was about.
Cheers, Mike -- To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100413222749.ga4...@glandium.org