[Secure-testing-commits] r3426 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Sun Feb 5 11:56:01 UTC 2006 

Author: jmm-guest
Date: 2006-02-05 11:55:55 +0000 (Sun, 05 Feb 2006)
New Revision: 3426

Modified:
   data/CVE/list
Log:
actually Firefox 1.0 and Mozilla suite 1.7 aren't affected for most issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-02-05 11:48:35 UTC (rev 3425)
+++ data/CVE/list	2006-02-05 11:55:55 UTC (rev 3426)
@@ -591,25 +591,38 @@
 CVE-2006-0300
 	RESERVED
 CVE-2006-0299 (The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird ...)
+	[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
+	- mozilla <not-affected> (E4X not implemented in Mozilla 1.7)
 	- mozilla-firefox <unfixed> (bug #351442)
 	- mozilla-thunderbird <unfixed>
+	NOTE: This does currently only affect experimental, 1.0.x are safe
 CVE-2006-0298 (The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before ...)
+	[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
+	- mozilla <not-affected> (Mozilla 1.7 is not affected)
 	- mozilla-firefox <unfixed> (bug #351442)
+	NOTE: This does currently only affect Firefox from experimental, 1.0.x are safe
 	- mozilla-thunderbird <unfixed>
 CVE-2006-0297 (Multiple integer overflows in Mozilla Firefox 1.5, Thunderbird 1.5 if ...)
+	[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
+	- mozilla <not-affected> (Mozilla 1.7 is not affected)
 	- mozilla-firefox <unfixed> (bug #351442)
+	NOTE: This does currently only affect Firefox from experimental, 1.0.x are safe
 	- mozilla-thunderbird <unfixed>
 CVE-2006-0296 (The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, ...)
+	[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
 	- mozilla-firefox <unfixed> (bug #351442)
 	- mozilla-thunderbird <unfixed>
+	- mozilla <not-affected> (Mozilla 1.7 is not affected)
 CVE-2006-0295 (Mozilla Firefox 1.5, Thunderbird 1.5 if Javascript is enabled in mail, ...)
 	- mozilla-firefox <unfixed> (bug #351442)
+	NOTE: This does currently only affect Firefox from experimental, 1.0.x are safe
 	- mozilla-thunderbird <unfixed>
 CVE-2006-0294 (Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript ...)
 	- mozilla-firefox <unfixed> (bug #351442)
+	NOTE: This does currently only affect Firefox from experimental, 1.0.x are safe
 	[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
+	- mozilla <not-affected> (Mozilla 1.7 is not affected)
 	- mozilla-thunderbird <unfixed>
-	NOTE: This does currently only affect experimental, 1.0.x are safe
 CVE-2006-0293 (The function allocation code (js_NewFunction in jsfun.c) in Firefox ...)
 	- mozilla-firefox <unfixed> (bug #351442)
 	[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
@@ -2340,6 +2353,7 @@
 	NOT-FOR-US: SimpleBBS
 CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before ...)
 	- mozilla-firefox <unfixed> (unimportant)
+	- mozilla <unfixed> (unimportant)
 	NOTE: Not exploitable beyond a sluggish browser startup, see
 	NOTE: http://www.mozilla.org/security/history-title.html
 CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...)

More information about the Secure-testing-commits mailing list