[Fwd: Re: New Mozilla vulnerabilities??]
Christopher Aillon
caillon at redhat.com
Mon Jun 12 17:07:43 UTC 2006
Matthew Miller wrote:
> On Mon, Jun 12, 2006 at 06:43:22AM -0400, Josh Bressers wrote:
>
>> The plan is to move everything to seamonkey, but there is much testing that
>> needs to be done. We're not ready yet, which is why we are backporting the
>> critical patches first.
>>
>
> But in the meantime, what about firefox in FC5, which is already 1.5.0.x?
> Does the (presumably) easier fix for the current release have to wait on the
> harder work for the older releases? As far as I can tell, there wasn't even
> a bug entry for this, and I had to file it myself. (And it's gotten no
> response at all.)
>
> <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194617>
>
> C'mon, it may not be a remote root compromise, but it is highly visible and
> _could_ allow remote code execution. Fedora can do better than this!
>
>
If someone wants to simply rev the spec, commit, and build, that's fine
(and very welcome) as long as the Release is set to 2 for rawhide, and
1.1.fc5 for fc5 (to keep up with my numbering scheme). I find its best
to not jump out of doing something you'd rather not jump back into,
which is why I'm focusing on the backport.
More information about the Fedora-security-list
mailing list