CVE-2008-0420 describes an information disclosure bug in the Mozilla
products. It is possible that this flaw could be used by malicious web
content to steal information about a users browsing session.
keep this embargoed until upstream makes it public.
This seems to be a public description of this issue:
This is now public on the Mozilla site:
I'm opening the bug up to the public.
thunderbird-220.127.116.11-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-18.104.22.168-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.