See link for all details. Mozilla Bugzilla references are: https://bugzilla.mozilla.org/show_bug.cgi?id=69070 https://bugzilla.mozilla.org/show_bug.cgi?id=234416 https://bugzilla.mozilla.org/show_bug.cgi?id=261527
Mozilla please review and advise.
Personally I'm not interested in trying to handle mozilla/firefox/thunderbird security bugs before they're handled upstream, where they can determine properly whether a problem is severe and whether a fix is really ready for release. Sune, you filed the bug, how about telling us why we should care about these before mozilla.org does something about them?
Firefox is fixed in version 1.0, according to http://www.squarefree.com/burningedge/releases/1.0.html
Note that https://bugzilla.mozilla.org/show_bug.cgi?id=261527 is MacOSX only. Mozilla 1.7.5 is planned for mid-December, we'll wait for the versions to be at the same level of security to issue a GLSA. Thunderbird is probably not affected by any of these.
69070 is fixed in mozilla 1.7.5 234416 looks firefox-specific 261527 is MacOS/X only. missing ebuilds / stable marking will be tracked through bug 68976
Security: Please vote on GLSA need on this one... I vote NO here too. One of the reasons being the lack of solid information from Mozilla.org.
I also vote NO on this one.
Closed without GLSA
GLSA 200501-03