Bug#561754: marked as done (qt4-x11: remote info disclosure via css)

To: Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com>
Subject: Bug#561754: marked as done (qt4-x11: remote info disclosure via css)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 18 Apr 2015 16:48:04 +0000
Message-id: <[🔎] handler.561754.D561754.142937545025500.ackdone@bugs.debian.org>
References: <5336718.eLaf9I0r0k@luna> <20091219230538.2622f0e8.michael.s.gilbert@gmail.com>

Your message dated Sat, 18 Apr 2015 13:43:44 -0300
with message-id <5336718.eLaf9I0r0k@luna>
and subject line Not present at least since Wheezy
has caused the Debian Bug report #561754,
regarding qt4-x11: remote info disclosure via css
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
561754: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561754
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: qt4-x11: remote info disclosure via css
From: Michael Gilbert <michael.s.gilbert@gmail.com>
Date: Sat, 19 Dec 2009 23:05:38 -0500
Message-id: <20091219230538.2622f0e8.michael.s.gilbert@gmail.com>

package: qt4-x11
version: 4:4.5.3-4 
severity: important
tags: security

hi,

it has been disclosed that it is possible for any website to query the
user's site viewing history via css.  please see [0].  i have not
personally checked whether this package is vulnerable, but it seems to
be a general css design issue, so all css-supporting browsers are
likely affected. please check, and feel free to close the bug if the
package is not affected.   thanks.

mike

[0]
http://thecoffeedesk.com/news/index.php/2009/08/02/view-remote-browser-history/
Hi,

Your package embeds source code from xulrunner, which makes
security updates very cumbersome, difficult, and potentially
error-prone.  Please update your package to make use of the
shared library.  Thank you for your attention on this matter.

Best wishes,
Mike

--- End Message ---

--- Begin Message ---

To: 561754-done@bugs.debian.org

Subject: Not present at least since Wheezy

From: Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com>

Date: Sat, 18 Apr 2015 13:43:44 -0300

Message-id: <5336718.eLaf9I0r0k@luna>
Version: 4.8.2+dfsg-11

Actually we are not shipping this code since at least Wheezy, so closing the 
bug with it's version.

-- 
"In college, I cooked some hot dogs by putting metal forks in each end of the
hot dog and running 120 volts through it. Hot dogs have just enough
conductivity so that this works well"
  greenroom(576281) - on a truly geeky way to cook hot dogs.
  Posted in Slashdot, also found in The Open Source Cookbook for Geeks.

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/
Attachment: signature.asc
Description: This is a digitally signed message part.

--- End Message ---

Reply to:

Prev by Date: Bug#643765: marked as done (qt4-qmlviewer: qmlviewer on mips fails to "Bus error")
Next by Date: Bug#696096: marked as done (qt4-x11 ia64 FTBFS only on the buildds)
Previous by thread: Bug#643765: marked as done (qt4-qmlviewer: qmlviewer on mips fails to "Bus error")
Next by thread: Bug#696096: marked as done (qt4-x11 ia64 FTBFS only on the buildds)
Index(es):
- Date
- Thread