Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other
products, allows remote attackers to cause a denial of service
(memory consumption and browser hang) via a long CLASS attribute in
an HR element in an HTML document.
Any news here? we have xulrunner-22.214.171.124 stable, but what about xulrunner-bin? It's needed for the big Mozilla GLSA...
mozilla has nothing to do here, xulrunner-bin has been removed from tree.
Already on the existing Mozilla GLSA draft.
This issue was resolved and addressed in
GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml
by GLSA coordinator Sean Amoss (ackle).