CVE-2008-5822 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5822): Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other products, allows remote attackers to cause a denial of service (memory consumption and browser hang) via a long CLASS attribute in an HR element in an HTML document.
Any news here? we have xulrunner-1.9.0.8 stable, but what about xulrunner-bin? It's needed for the big Mozilla GLSA...
mozilla has nothing to do here, xulrunner-bin has been removed from tree.
Already on the existing Mozilla GLSA draft.
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).