[Fwd: Re: New Mozilla vulnerabilities??]
Christopher Aillon
caillon at redhat.com
Mon Jun 12 17:07:43 UTC 2006
Matthew Miller wrote:
> On Mon, Jun 12, 2006 at 06:43:22AM -0400, Josh Bressers wrote:
>
>> The plan is to move everything to seamonkey, but there is much testing that
>> needs to be done. We're not ready yet, which is why we are backporting the
>> critical patches first.
>>
>
> But in the meantime, what about firefox in FC5, which is already 1.5.0.x?
> Does the (presumably) easier fix for the current release have to wait on the
> harder work for the older releases? As far as I can tell, there wasn't even
> a bug entry for this, and I had to file it myself. (And it's gotten no
> response at all.)
>
> <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194617>
>
> C'mon, it may not be a remote root compromise, but it is highly visible and
> _could_ allow remote code execution. Fedora can do better than this!
>
>
If someone wants to simply rev the spec, commit, and build, that's fine
(and very welcome) as long as the Release is set to 2 for rawhide, and
1.1.fc5 for fc5 (to keep up with my numbering scheme). I find its best
to not jump out of doing something you'd rather not jump back into,
which is why I'm focusing on the backport.
More information about the security
mailing list