[Secure-testing-commits] r5499 - data/CVE
Stefan Fritsch
stef-guest at alioth.debian.org
Sat Mar 3 11:53:43 CET 2007
Author: stef-guest
Date: 2007-03-03 10:53:39 +0000 (Sat, 03 Mar 2007)
New Revision: 5499
Modified:
data/CVE/list
Log:
dropbear, iceape, xulrunner fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-03-01 17:02:52 UTC (rev 5498)
+++ data/CVE/list 2007-03-03 10:53:39 UTC (rev 5499)
@@ -125,7 +125,7 @@
CVE-2007-1100 (Directory traversal vulnerability in download.php in Pickle allows ...)
NOT-FOR-US: Pickle
CVE-2007-1099 (dbclient in Dropbear SSH client before 0.49 does not sufficiently warn ...)
- - dropbear <unfixed> (bug #412899)
+ - dropbear 0.49-1 (bug #412899)
CVE-2007-1098 (Multiple unspecified vulnerabilities in ScryMUD before 2.1.11 have ...)
NOT-FOR-US: ScryMUD
CVE-2007-1097 (Unspecified vulnerability in the upload tool in Wiclear before 0.11.1 ...)
@@ -513,8 +513,8 @@
CVE-2007-0995 (Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey ...)
NOTE: MFSA-2007-02
- iceweasel 2.0.0.2+dfsg-1 (low)
- - iceape <unfixed> (low)
- - xulrunner <unfixed> (low)
+ - iceape 1.0.8-1 (low)
+ - xulrunner 1.8.0.10-1 (low)
[sarge] - mozilla-tunderbird <unfixed> (low)
[sarge] - mozilla-firefox <unfixed> (low)
[sarge] - mozilla <unfixed> (low)
@@ -553,8 +553,8 @@
CVE-2007-0981 (Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x ...)
NOTE: MFSA-2007-07
- iceweasel 2.0.0.1+dfsg-3 (bug #411192; high)
- - xulrunner <unfixed> (high)
- - iceape <unfixed> (high)
+ - xulrunner 1.8.0.10-1 (high)
+ - iceape 1.0.8-1 (high)
- icedove <unfixed>
- mozilla-firefox <removed> (high)
- mozilla-thunderbird <removed>
@@ -1065,8 +1065,8 @@
CVE-2007-0800 (Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked ...)
NOTE: MFSA-2007-05
- iceweasel 2.0.0.2+dfsg-1 (medium)
- - iceape <unfixed> (medium)
- - xulrunner <unfixed> (medium)
+ - iceape 1.0.8-1 (medium)
+ - xulrunner 1.8.0.10-1 (medium)
[sarge] - mozilla-firefox <unfixed> (medium)
[sarge] - mozilla <unfixed> (medium)
- firefox <removed> (medium)
@@ -1113,48 +1113,48 @@
CVE-2007-0780 (browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before ...)
NOTE: MFSA-2007-05
- iceweasel 2.0.0.2+dfsg-1 (medium)
- - iceape <unfixed> (medium)
- - xulrunner <unfixed> (medium)
+ - iceape 1.0.8-1 (medium)
+ - xulrunner 1.8.0.10-1 (medium)
[sarge] - mozilla-firefox <unfixed> (medium)
[sarge] - mozilla <unfixed> (medium)
CVE-2007-0779 (GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and ...)
NOTE: MFSA-2007-04
- iceweasel 2.0.0.2+dfsg-1 (low)
- - iceape <unfixed> (low)
- - xulrunner <unfixed> (low)
+ - iceape 1.0.8-1 (low)
+ - xulrunner 1.8.0.10-1 (low)
[sarge] - mozilla-firefox <not-affected> (introduced in firefox 1.5)
[sarge] - mozilla <not-affected> (introduced in firefox 1.5)
CVE-2007-0778 (The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x ...)
NOTE: MFSA-2007-03
- iceweasel 2.0.0.2+dfsg-1 (low)
- - iceape <unfixed> (low)
- - xulrunner <unfixed> (low)
+ - iceape 1.0.8-1 (low)
+ - xulrunner 1.8.0.10-1 (low)
[sarge] - mozilla-firefox <unfixed> (low)
[sarge] - mozilla <unfixed> (low)
CVE-2007-0777 (The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x ...)
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
- - iceape <unfixed> (high)
+ - iceape 1.0.8-1 (high)
- icedove <unfixed> (low)
- - xulrunner <unfixed> (high)
+ - xulrunner 1.8.0.10-1 (high)
[sarge] - mozilla-firefox <unfixed> (high)
[sarge] - mozilla-thunderbird <unfixed> (low)
[sarge] - mozilla <unfixed> (high)
CVE-2007-0776 (Heap-based buffer overflow in the _cairo_pen_init function in Mozilla ...)
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
- - iceape <unfixed> (high)
+ - iceape 1.0.8-1 (high)
- icedove <unfixed> (low)
- - xulrunner <unfixed> (high)
+ - xulrunner 1.8.0.10-1 (high)
[sarge] - mozilla-firefox <unfixed> (high)
[sarge] - mozilla-thunderbird <unfixed> (low)
[sarge] - mozilla <unfixed> (high)
CVE-2007-0775 (Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox ...)
NOTE: MFSA-2007-01
- iceweasel 2.0.0.2+dfsg-1 (high)
- - iceape <unfixed> (high)
+ - iceape 1.0.8-1 (high)
- icedove <unfixed> (low)
- - xulrunner <unfixed> (high)
+ - xulrunner 1.8.0.10-1 (high)
[sarge] - mozilla-firefox <unfixed> (high)
[sarge] - mozilla-thunderbird <unfixed> (low)
[sarge] - mozilla <unfixed> (high)
@@ -3049,6 +3049,7 @@
CVE-2007-0045 (Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat ...)
NOT-FOR-US: Adobe Acrobat Reader Plugin
NOTE: a fix for this is also in iceweasle 2.0.0.2+dfsg-1 (MFSA-2007-02)
+ NOTE: and icape 1.0.8-1
CVE-2007-0044 (Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet ...)
NOT-FOR-US: Adobe Acrobat Reader Plugin
CVE-2007-0043
@@ -3570,16 +3571,16 @@
CVE-2007-0009 (Stack-based buffer overflow in the SSLv2 support in Mozilla Network ...)
NOTE: MFSA-2007-06
- iceweasel 2.0.0.2+dfsg-1 (low)
- - iceape <unfixed> (low)
- - xulrunner <unfixed> (high)
+ - iceape 1.0.8-1 (low)
+ - xulrunner 1.8.0.10-1 (high)
[sarge] - mozilla-firefox <unfixed> (high)
[sarge] - mozilla <unfixed> (high)
- firefox <removed> (high)
CVE-2007-0008 (Integer underflow in the SSLv2 support in Mozilla Network Security ...)
NOTE: MFSA-2007-06
- iceweasel 2.0.0.2+dfsg-1 (low)
- - iceape <unfixed> (low)
- - xulrunner <unfixed> (high)
+ - iceape 1.0.8-1 (low)
+ - xulrunner 1.8.0.10-1 (high)
[sarge] - mozilla-firefox <unfixed> (high)
[sarge] - mozilla <unfixed> (high)
- firefox <removed> (high)
@@ -4941,10 +4942,10 @@
CVE-2006-6077 (The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and ...)
NOTE: MFSA-2007-02
- iceweasel 2.0.0.2+dfsg-1 (high; bug #409220)
- - iceape <unfixed> (high)
+ - iceape 1.0.8-1 (high)
[sarge] - mozilla-firefox <unfixed> (high)
[sarge] - mozilla <unfixed> (high)
- - xulrunner <unfixed> (medium)
+ - xulrunner 1.8.0.10-1 (medium)
NOTE: Epiphany affected by xulrunner
CVE-2006-6076 (Buffer overflow in the Tape Engine (tapeeng.exe) in Computer ...)
NOT-FOR-US: BrightStor
More information about the Secure-testing-commits
mailing list