[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-gnuzilla] Unpatched security flaws in IceCat
From: |
Rubén Rodríguez |
Subject: |
Re: [Bug-gnuzilla] Unpatched security flaws in IceCat |
Date: |
Thu, 13 Aug 2015 14:05:03 -0500 |
> 1. GNU IceCat 38.2.
I'm working on that, I have a mostly usable version already and it needs
some final polishing. I wanted to delay the release until I could bring
a series of new features in, but given how security patching is being
handled upstream I'll just release with no newer features and add them
in the future.
I'll make a test build and post it to the list so volunteers can help
list the things to be polished.
> 2. Backports of these fixes to GNU IceCat 31.8.
>
> I've already backported the fix for CVE-2015-4495, which was included in
> Firefox ESR 38.1.1, here:
>
>
> http://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/patches/icecat-CVE-2015-4495.patch
Since I understand this is the most important security bug in the list,
I'll make a 31.8.0-gnu2 release with this patch.