OSV:DSA-2064-1
Jun 27, 2010 - 12:00 a.m.

xulrunner - several vulnerabilities

2010-06-27 00:00:00
Google
osv.dev

CVSS2: 9.3 High

  Access Vector: NETWORK
  Access Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: COMPLETE
  Integrity Impact: COMPLETE
  Availability Impact: COMPLETE
  Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.712 High

  Percentile: 97.6%

Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the following problems:

  • CVE-2010-0183
    “wushi” discovered that incorrect pointer handling in the frame
    processing code could lead to the execution of arbitrary code.
  • CVE-2010-1196
    “Nils” discovered that an integer overflow in DOM node parsing could
    lead to the execution of arbitrary code.
  • CVE-2010-1197
    Ilja von Sprundel discovered that incorrect parsing of
    Content-Disposition headers could lead to cross-site scripting.
  • CVE-2010-1198
    Microsoft engineers discovered that incorrect memory handling in the
    interaction of browser plugins could lead to the execution of
    arbitrary code.
  • CVE-2010-1199
    Martin Barbella discovered that an integer overflow in XSLT node
    parsing could lead to the execution of arbitrary code.
  • CVE-2010-1200
    Olli Pettay, Martijn Wargers, Justin Lebar, Jesse Ruderman, Ben
    Turner, Jonathan Kew and David Humphrey discovered crashes in the
    layout engine, which might allow the execution of arbitrary code.
  • CVE-2010-1201
    “boardraider” and “stedenon” discovered crashes in the layout engine,
    which might allow the execution of arbitrary code.
  • CVE-2010-1202
    Bob Clary, Igor Bukanov, Gary Kwong and Andreas Gal discovered crashes
    in the JavaScript engine, which might allow the execution of arbitrary
    code.

For the stable distribution (lenny), these problems have been fixed in
version 1.9.0.19-2.

For the unstable distribution (sid), these problems have been fixed in
version 1.9.1.10-1.

For the experimental distribution, these problems have been fixed in
version 1.9.2.4-1.

We recommend that you upgrade your xulrunner packages.
