[Secure-testing-commits] r5202 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Sat Dec 30 22:00:34 CET 2006
Author: stef-guest
Date: 2006-12-30 22:00:32 +0100 (Sat, 30 Dec 2006)
New Revision: 5202
Modified:
data/CVE/list
Log:
CVE-2006-4842: new xulrunner issue (low)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-30 09:02:34 UTC (rev 5201)
+++ data/CVE/list 2006-12-30 21:00:32 UTC (rev 5202)
@@ -4274,7 +4274,11 @@
CVE-2006-4843
RESERVED
CVE-2006-4842 (The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in ...)
- TODO: check
+ - xulrunner <unfixed> (low; bug filed)
+ [sarge] - mozilla <unfixed> (low)
+ NOTE: could not find setuid binary in sid, but evolution-data-server has a setgid mail binary
+ NOTE: see https://bugzilla.mozilla.org/show_bug.cgi?id=351470
+ TODO: check whether sarge has a setuid/setgid binary linking against libnspr
CVE-2006-4841
RESERVED
CVE-2006-4840
More information about the Secure-testing-commits
mailing list