[Secure-testing-commits] r4730 - data/CVE

Moritz Muehlenhoff jmm-guest at costa.debian.org
Fri Sep 15 09:07:21 UTC 2006 

Author: jmm-guest
Date: 2006-09-15 09:07:19 +0000 (Fri, 15 Sep 2006)
New Revision: 4730

Modified:
   data/CVE/list
Log:
new set of mozilla vulnerabilities


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2006-09-14 21:14:35 UTC (rev 4729)
+++ data/CVE/list	2006-09-15 09:07:19 UTC (rev 4730)
@@ -464,18 +464,43 @@
 	RESERVED
 CVE-2006-4571
 	RESERVED
+	- mozilla <unfixed>
+	- firefox <unfixed>
+	- thunderbird <unfixed>
+	[sarge] - mozilla-firefox <unfixed>
+	[sarge] - mozilla-thunderbird <unfixed>
 CVE-2006-4570
 	RESERVED
-CVE-2006-4569
+CVE-2006-4569 [firefox popup blocker xss]
 	RESERVED
+	- firefox <unfixed> (low)
+	[sarge] - mozilla-firefox <unfixed> (low)
 CVE-2006-4568
 	RESERVED
-CVE-2006-4567
+	- mozilla <unfixed> (low)
+	- firefox <unfixed> (low)
+	[sarge] - mozilla-firefox <unfixed> (low)
+CVE-2006-4567 [Spoofing in internal auto update]
 	RESERVED
+	- firefox <unfixed> (unimportant)
+	- thunderbird <unfixed> (unimportant)
+	[sarge] - mozilla-firefox <unfixed> (unimportant)
+	[sarge] - mozilla-thunderbird <unfixed> (unimportant)
+	NOTE: The internal update mechanism is disabled in Debian
 CVE-2006-4566
 	RESERVED
+	- mozilla <unfixed>
+	- firefox <unfixed>
+	- thunderbird <unfixed>
+	[sarge] - mozilla-firefox <unfixed>
+	[sarge] - mozilla-thunderbird <unfixed>
 CVE-2006-4565
 	RESERVED
+	- mozilla <unfixed>
+	- firefox <unfixed>
+	- thunderbird <unfixed>
+	[sarge] - mozilla-firefox <unfixed>
+	[sarge] - mozilla-thunderbird <unfixed>
 CVE-2006-4564 (SQL injection vulnerability in Sources/ManageBoards.php in Simple ...)
 	NOT-FOR-US: Simple Machines Forum
 CVE-2006-4563 (Cross-site scripting (XSS) vulnerability in the MyHeadlines before ...)
@@ -972,6 +997,11 @@
 	REJECTED
 CVE-2006-4340
 	RESERVED
+	- mozilla <unfixed>
+	- firefox <unfixed>
+	- thunderbird <unfixed>
+	[sarge] - mozilla-firefox <unfixed>
+	[sarge] - mozilla-thunderbird <unfixed>
 CVE-2006-4339 (OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, ...)
 	{DSA-1773-1}
 	- openssl 0.9.8b-3 (medium)
@@ -1167,6 +1197,9 @@
 	- firefox <unfixed>
 	- mozilla <unfixed>
 	- mozilla-firefox <unfixed>
+	[sarge] - mozilla <unfixed>
+	[sarge] - mozilla-thunderbird <unfixed>
+	[sarge] - mozilla-thunderbird <unfixed>
 CVE-2006-4252
 	RESERVED
 CVE-2006-4251

More information about the Secure-testing-commits mailing list