[Secure-testing-commits] r5373 - data/CVE

Joey Hess joeyh at alioth.debian.org
Sun Jan 28 21:14:11 CET 2007 

Author: joeyh
Date: 2007-01-28 21:14:08 +0100 (Sun, 28 Jan 2007)
New Revision: 5373

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-01-28 19:11:08 UTC (rev 5372)
+++ data/CVE/list	2007-01-28 20:14:08 UTC (rev 5373)
@@ -1219,6 +1219,7 @@
 CVE-2007-0018
 	RESERVED
 CVE-2007-0017 (Multiple format string vulnerabilities in (1) the cdio_log_handler ...)
+	{DSA-1252-1}
 	- vlc 0.8.6-svn20061012.debian-1.2 (bug #405425; medium)
 CVE-2007-0016 (Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers ...)
 	NOT-FOR-US: MoviePlay
@@ -2066,6 +2067,7 @@
 	NOTE: Flaw was introduced in Firefox 1.5.0.4
 	- icedove 1.5.0.9.dfsg1-1 (high)
 CVE-2006-6503 (Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird ...)
+	{DSA-1253-1}
 	NOTE: MFSA-2006-72
 	- iceweasel 2.0.0.1+dfsg-1 (high)
 	- xulrunner 1.8.0.9-1 (high)
@@ -2076,6 +2078,7 @@
 	- mozilla-thunderbird <removed> (high)
 	- icedove 1.5.0.9.dfsg1-1 (high)
 CVE-2006-6502 (Use-after-free vulnerability in the LiveConnect bridge code for ...)
+	{DSA-1253-1}
 	NOTE: MFSA-2006-71
 	- iceweasel 2.0.0.1+dfsg-1 (high)
 	- xulrunner 1.8.0.9-1 (high)
@@ -2087,6 +2090,7 @@
 	- icedove 1.5.0.9.dfsg1-1 (unimportant)
 	NOTE: Not exploitable in standard Icedove configuration
 CVE-2006-6501 (Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x ...)
+	{DSA-1253-1}
 	NOTE: MFSA-2006-70
 	- iceweasel 2.0.0.1+dfsg-1 (high)
 	- xulrunner 1.8.0.9-1 (high)
@@ -2107,6 +2111,7 @@
 	- mozilla-thunderbird <not-affected> (windows only)
 	- icedove <not-affected> (windows only)
 CVE-2006-6499 (The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x ...)
+	{DSA-1253-1}
 	NOTE: MFSA-2006-68
 	- iceweasel 2.0.0.1+dfsg-1 (high)
 	- xulrunner 1.8.0.9-1 (high)
@@ -2119,6 +2124,7 @@
 	NOTE: Is it possible to reduce the floating point precision in Linux as a non-priv
 	NOTE: user? I don't think so
 CVE-2006-6498 (Multiple unspecified vulnerabilities in the JavaScript engine for ...)
+	{DSA-1253-1}
 	NOTE: MFSA-2006-68
 	- iceweasel 2.0.0.1+dfsg-1 (high)
 	- xulrunner 1.8.0.9-1 (high)
@@ -2129,6 +2135,7 @@
 	- mozilla-thunderbird <removed> (low)
 	- icedove 1.5.0.9.dfsg1-1 (low)
 CVE-2006-6497 (Multiple unspecified vulnerabilities in the layout engine for Mozilla ...)
+	{DSA-1253-1}
 	NOTE: MFSA-2006-68
 	- iceweasel 2.0.0.1+dfsg-1 (medium)
 	- xulrunner 1.8.0.9-1 (medium)

More information about the Secure-testing-commits mailing list