-
Committer:
Package Import Robot
-
Author(s):
Seth Arnold
-
Date:
2014-05-14 11:24:15 UTC
-
mfrom:
(29.1.9 lucid-security)
-
Revision ID:
package-import@ubuntu.com-20140514112415-60xlio0nggw05216
Tags: 1.1.1-2ubuntu1.12
* SECURITY UPDATE: cache coherency problems in old Internet Explorer
compatibility functions lead to loss of privacy and cache poisoning
attacks. (LP: #1317663)
- debian/patches/drop_fix_ie_for_vary_1_4.diff: remove fix_IE_for_vary()
and fix_IE_for_attach() functions so Cache-Control and Vary headers are
no longer modified. This may introduce some regressions for IE 6 and IE 7
users. Patch from upstream.
- CVE-2014-1418