[Secure-testing-commits] r4832 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Mon Oct 9 16:48:40 UTC 2006


Author: jmm-guest
Date: 2006-10-09 16:48:39 +0000 (Mon, 09 Oct 2006)
New Revision: 4832

Modified:
   data/CVE/list
Log:
some cleanup work on mozilla


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-10-09 16:47:49 UTC (rev 4831)
+++ data/CVE/list	2006-10-09 16:48:39 UTC (rev 4832)
@@ -2023,8 +2023,9 @@
 	- firefox 1.5.dfsg+1.5.0.7-1 (high)
 	- mozilla <unfixed> (high)
 	- mozilla-firefox <removed> (high)
-	[sarge] - mozilla <unfixed> (high)
+	[sarge] - mozilla <unfixed> (low)
 	[sarge] - mozilla-thunderbird <unfixed> (low)
+	NOTE: On Sarge this is only a DoS, not code injection
 	- thunderbird 1.5.0.7-1 (low)
 CVE-2006-4252
 	RESERVED
@@ -20060,7 +20061,8 @@
 CVE-2005-2115 (Soldier of Fortune II 1.02x and 1.03 allows remote attackers to cause ...)
 	NOT-FOR-US: Soldier of Fortune
 CVE-2005-2114 (Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and ...)
-	NOTE: cannot reproduce with firefox 1.0.5-1 using POC exploits
+	NOTE: cannot reproduce with firefox 1.0.5-1 and Sarge's Mozilla using POC exploits
+	[sarge] - mozilla <not-affected> (Unreproducible)
 	- mozilla 2:1.7.10-1 (bug #318723; medium)
 CVE-2005-2113 (SQL injection vulnerability in the loginUser function in the XMLRPC ...)
 	- xoops <itp> (bug #207640)




More information about the Secure-testing-commits mailing list