Guiseppe, in the process of doing the embedded code copies triage, i've come across a lot of cases where tracking for kompozer is not done. i understand that this package is relatively new, but since it is derived from existing code, it should be checked retroactively for vulnerabilities. it looks like the code is copied from firefox/thunderbird 2.0.0.20 (according to './mozilla/browser/config/version.txt' and other version files, but that could be wrong).
i see that you are the maintainer; can you go through all of the cves affecting iceape and either tag kompozer not-affected or fixed? this would help me out a lot since you are already familiar with the package, and i have a lot of other issues to look at. thanks. mike _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
