-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I think the question here is, does Mozilla and Mozilla based applications use this library for processing jpeg files or does it use it's own code?
Florian Weimer wrote: |>I noticed that the following flaw in GDI+ affects many products: |>http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx |> |>Of course MS does not list any third party products. Anyone know |>whether Mozilla (specifically FireFox) is affected, in what version |>it's fixed, etc? | | | It's unlikely that other code is affected as well. Why? Older | Microsoft code seems to be fine, too -- and it's more likely that they | have moved away from the JPEG reference code than too it. | | (This only refers to Mozilla on non-Windows platforms. Mozilla on | Windows could still open exploitation vectors.) | _______________________________________________ | Mozilla-security mailing list | [EMAIL PROTECTED] | http://mail.mozilla.org/listinfo/mozilla-security -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBSwk/fLPhlaxNQk0RAoVWAJ9G6ghNRZ9BbdDAU3D5UxMQ/by3agCfafUq NnCsybxQJIBvXl8TCfWET8c= =5cNz -----END PGP SIGNATURE----- _______________________________________________ Mozilla-security mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-security
