[Secure-testing-commits] r3848 - data/CVE

Sat Apr 22 10:58:14 UTC 2006

Author: stef-guest
Date: 2006-04-22 10:58:06 +0000 (Sat, 22 Apr 2006)
New Revision: 3848

Modified:
   data/CVE/list
Log:
firefox fixed

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2006-04-22 10:42:44 UTC (rev 3847)
+++ data/CVE/list	2006-04-22 10:58:06 UTC (rev 3848)
@@ -558,7 +558,7 @@
 	- thunderbird <unfixed> (low)
 	- mozilla-thunderbird <unfixed> (low)
 CVE-2006-1730 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 ...)
-	- firefox <unfixed> (high)
+	- firefox 1.5.dfsg+1.5.0.2-1 (high)
 	- mozilla-firefox <unfixed> (high)
 	- mozilla-browser <unfixed> (high)
 	- thunderbird <unfixed> (medium)
@@ -566,18 +566,18 @@
 	NOTE: MFSA2006-22 says that it is not clear whether Thunderbird is
 	NOTE: exploitable in the default configuration.
 CVE-2006-1729 (Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla ...)
-	- firefox <unfixed> (medium)
+	- firefox 1.5.dfsg+1.5.0.2-1 (medium)
 	- mozilla-firefox <unfixed> (medium)
 	- mozilla-browser <unfixed> (medium)
 	NOTE: Can likely be used to steal OpenSSH keys and the like.
 CVE-2006-1728 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x ...)
-	- firefox <unfixed> (high)
+	- firefox 1.5.dfsg+1.5.0.2-1 (high)
 	- mozilla-firefox <unfixed> (high)
 	- mozilla-browser <unfixed> (high)
 	- thunderbird <unfixed> (medium)
 	- mozilla-thunderbird <unfixed> (medium)
 CVE-2006-1727 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x ...)
-	- firefox <unfixed> (medium)
+	- firefox 1.5.dfsg+1.5.0.2-1 (medium)
 	- mozilla-firefox <unfixed> (medium)
 	- mozilla-browser <unfixed> (medium)
 	- thunderbird <unfixed> (medium)
@@ -585,14 +585,14 @@
 	NOTE: If print preview (and this bug) can be triggered from JavaScript,
 	NOTE: the urgency should probably be raised.
 CVE-2006-1726 (Unspecified vulnerability in Firefox and Thunderbird 1.5 before ...)
-	- firefox <unfixed> (high)
+	- firefox 1.5.dfsg+1.5.0.2-1 (high)
 	- thunderbird <unfixed> (medium)
 	NOTE: New bug in Firefox 1.5.
 CVE-2006-1725 (Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes ...)
-	- firefox <unfixed> (low)
+	- firefox 1.5.dfsg+1.5.0.2-1 (low)
 	NOTE: New bug in Firefox 1.5.
 CVE-2006-1724 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, ...)
-	- firefox <unfixed> (medium)
+	- firefox 1.5.dfsg+1.5.0.2-1 (medium)
 	- mozilla-firefox <unfixed> (medium)
 	- mozilla-browser <unfixed> (medium)
 	- thunderbird <unfixed> (low)
@@ -2212,6 +2212,7 @@
 	- monopd <unfixed> (bug #355797)
 CVE-2006-1045 (The HTML rendering engine in Mozilla Thunderbird 1.5, when &quot;Block ...)
 	- mozilla-thunderbird <unfixed> (low)
+	- firefox 1.5.dfsg+1.5.0.2-1
 CVE-2006-1044 (Multiple buffer overflows in LISTSERV 14.3 and 14.4, including ...)
 	NOT-FOR-US: LISTSERV
 CVE-2006-1043 (Stack-based buffer overflow in Microsoft Visual Studio 6.0 and ...)
@@ -2551,6 +2552,7 @@
 	NOT-FOR-US: CuteNews
 CVE-2006-0884 (The WYSIWYG rendering engine in Mozilla Thunderbird 1.0.7 and earlier ...)
 	- mozilla-thunderbird <unfixed>
+	- firefox 1.5.dfsg+1.5.0.2-1
 CVE-2003-1295 (Unspecified vulnerability in xscreensaver 4.12, and possibly other ...)
 	- xscreensaver 4.21-1
 	NOTE: Might be fixed earlier, but I've verified that the SuSE patch is included
@@ -2843,7 +2845,7 @@
 	- thunderbird <unfixed> (low)
 	- mozilla-thunderbird <unfixed> (low)
 CVE-2006-0748 (Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before ...)
-	- firefox <unfixed> (high)
+	- firefox 1.5.dfsg+1.5.0.2-1 (high)
 	- mozilla-firefox <unfixed> (high)
 	- mozilla-browser <unfixed> (high)
 	- thunderbird <unfixed> (high)
@@ -15718,6 +15720,7 @@
 	- freeradius 1.0.2-4
 CVE-2005-2353 (run-mozilla.sh in Thunderbird, with debugging enabled, allows local ...)
 	- mozilla-thunderbird 1.0.6-1 (bug #306893; low)
+	- firefox 1.5.dfsg+1.5.0.2-1
 CVE-2005-XXXX [Directory traversal in unzoo]
 	- unzoo 4.4-4
 CVE-2005-XXXX [Logging bypassing through SIGHUP in syslog-ng]


