On Sun, 13 Sep 2009 21:06:59 +0200 Pascal Stumpf wrote: > Hi, > > In the recently published Firefox update (3.0.14), several security > vulnerabilities have been fixed. Now, since obviously Debian doesn’t include > new upstream releases in stable (3.0.14 was accepted in unstable though), I > was wondering if Iceweasel is affected by these security vulnerabilities too, > namely: CVE-2009-3070, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075, > CVE-2009-3077 and CVE-2009-3079 (MSFA 2009-51, 49 and 47).
hi, yes, lenny's iceweasel is indeed affected by these issues. the security team is in the process of preparing updates to lenny's xulrunner-1.9 packages for this (debian's iceweasel packages are made to use the xulrunner library, so that is the only part that needs to be updated). this will happen sometime soon, but someone else on the team will need to speak on when. mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
