[Secure-testing-commits] r5060 - in data: CVE DSA

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Mon Dec 4 21:40:21 CET 2006 

Author: jmm-guest
Date: 2006-12-04 21:40:17 +0100 (Mon, 04 Dec 2006)
New Revision: 5060

Modified:
   data/CVE/list
   data/DSA/list
Log:
snew dsas
squirrelmail unimportant
one more mozilla cleanup


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-12-04 19:49:15 UTC (rev 5059)
+++ data/CVE/list	2006-12-04 20:40:17 UTC (rev 5060)
@@ -277,7 +277,8 @@
 	RESERVED
 CVE-2006-6142 [squirrelmail XSS]
 	RESERVED
-	- squirrelmail 2:1.4.9-1
+	- squirrelmail 2:1.4.9a-1 (unimportant)
+	NOTE: Only exploitable with IE, needs (and has been) to be fixed there 
 CVE-2006-6141 (Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a ...)
 	NOT-FOR-US: Tftpd32
 CVE-2006-6140 (PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang ...)
@@ -1123,8 +1124,11 @@
 	- mozilla <unfixed> (medium)
 	[sarge] - mozilla <not-affected> (Vulnerable code not present)
 	- xulrunner <unfixed> (high)
+	- mozilla-firefox <removed>
+	- mozilla-thunderbird <removed>
+	[sarge] - mozilla <not-affected> (Vulnerable code not present)
 	[sarge] - mozilla-firefox <not-affected> (Vulnerable code not present)
-	- mozilla-thunderbird <removed> (medium)
+	[sarge] - mozilla-thunderbird <not-affected> (Vulnerable code not present)
 CVE-2006-5746 (The console in AirMagnet Enterprise before 7.5 build 6307 does not ...)
 	NOT-FOR-US: AirMagnet
 CVE-2006-5745 (Unspecified vulnerability in the setRequestHeader method in the ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2006-12-04 19:49:15 UTC (rev 5059)
+++ data/DSA/list	2006-12-04 20:40:17 UTC (rev 5060)
@@ -1,3 +1,9 @@
+[04 Dec 2006] DSA-1227-1 mozilla-thunderbird
+	{CVE-2006-4310 CVE-2006-5462 CVE-2006-5463 CVE-2006-5464 CVE-2006-5748}
+	[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8d.1.dsc
+[03 Dec 2006] DSA-1226-1 links
+	{CVE-2006-5925}
+	[sarge] - links 0.99+1.00pre12-1sarge1
 [03 Dec 2006] DSA-1225-1 mozilla-firefox
 	{CVE-2006-4310 CVE-2006-5462 CVE-2006-5463 CVE-2006-5464 CVE-2006-5748}
 	[sarge] - mozilla-firefox 1.0.4-2sarge13

More information about the Secure-testing-commits mailing list