Проверено на 4.0/branch, работает; три из исправлений -- критические: * Fri Feb 08 2008 Damir Shayhutdinov <damir@altlinux> 1:1.1.8-alt1 - 1.1.8 security update + MFSA 2008-10 URL token stealing via stylesheet redirect + MFSA 2008-09 Mishandling of locally-saved plain text files + MFSA 2008-06 Web browsing history and forward navigation stealing + MFSA 2008-05 Directory traversal via chrome: URI + MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution + MFSA 2008-02 Multiple file input focus stealing vulnerabilities + MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12) - Removed .so files from libdir
(In reply to comment #0) > Проверено на 4.0/branch, работает; три из исправлений -- критические: > > * Fri Feb 08 2008 Damir Shayhutdinov <damir@altlinux> 1:1.1.8-alt1 > - 1.1.8 security update > + MFSA 2008-10 URL token stealing via stylesheet redirect > + MFSA 2008-09 Mishandling of locally-saved plain text files > + MFSA 2008-06 Web browsing history and forward navigation stealing > + MFSA 2008-05 Directory traversal via chrome: URI > + MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution > + MFSA 2008-02 Multiple file input focus stealing vulnerabilities > + MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12) > - Removed .so files from libdir Прямой перенос в 4.0/branch невозможен: Package libjscall-sharp version 0.0.2-alt0.SVN20060928.1.1 has an unmet dep: Depends: libgtkembedmoz.so Package avidemux version 2.3.0-alt0.1 has an unmet dep: Depends: libmozjs.so Package liferea-mozilla version 1.2.5-alt1 has an unmet dep: Depends: libgtkembedmoz.so Package gxine version 0.5.11-alt3 has an unmet dep: Depends: libmozjs.so
А ведь кто-то очень хотел чтобы симанки не предоставлял свои библиотеки в %_libdir...
The seamonkey-1.1.8-alt0.M40.1 package passed through 4.0/branch incoming