[Secure-testing-commits] r7024 - data/CVE

nion at alioth.debian.org nion at alioth.debian.org
Sat Oct 20 08:29:34 UTC 2007 

Author: nion
Date: 2007-10-20 08:29:33 +0000 (Sat, 20 Oct 2007)
New Revision: 7024

Modified:
   data/CVE/list
Log:
CVE-2007-5340, CVE-2007-5339, CVE-2007-5338, CVE-2007-5337, CVE-2007-5334, CVE-2007-4841, CVE-2007-3511, CVE-2007-2292, CVE-2007-1095 and CVE-2006-2894 fixed in iceweasel 2.0.0.8-1


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-10-20 08:15:35 UTC (rev 7023)
+++ data/CVE/list	2007-10-20 08:29:33 UTC (rev 7024)
@@ -780,19 +780,24 @@
 CVE-2007-5340
 	RESERVED
 	{DSA-1391-1}
+	- iceweasel 2.0.0.8-1
 CVE-2007-5339
 	RESERVED
 	{DSA-1391-1}
+	- iceweasel 2.0.0.8-1
 CVE-2007-5338
 	RESERVED
+	- iceweasel 2.0.0.8-1
 CVE-2007-5337
 	RESERVED
+	- iceweasel 2.0.0.8-1
 CVE-2007-5336
 	RESERVED
 CVE-2007-5335
 	RESERVED
 CVE-2007-5334
 	RESERVED
+	- iceweasel 2.0.0.8-1
 CVE-2007-5333
 	RESERVED
 CVE-2007-5332 (Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd ...)
@@ -2035,7 +2040,7 @@
 CVE-2007-4842 (Directory traversal vulnerability in Enriva Development Magellan ...)
 	NOT-FOR-US: Magellan Explorer
 CVE-2007-4841 (Mozilla Firefox 2.0.0.6 allows remote attackers to execute arbitrary ...)
-	- iceweasel <unfixed>
+	- iceweasel 2.0.0.8-1
 	- iceape <unfixed>
 	- mozilla-firefox <removed>
 	- mozilla <removed>
@@ -5102,7 +5107,7 @@
 CVE-2007-3512 (Stack-based buffer overflow in Lhaca File Archiver before 1.22 allows ...)
 	NOT-FOR-US: Lhaca
 CVE-2007-3511 (The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12 ...)
-	- iceweasel <unfixed> (bug #438873; low)
+	- iceweasel 2.0.0.8-1 (bug #438873; low)
 CVE-2007-3510
 	RESERVED
 CVE-2007-3509 (Heap-based buffer overflow in the RPC subsystem in Symantec Backup ...)
@@ -8031,7 +8036,7 @@
 	[lenny] - asterisk <not-affected> (vulnerable code not present)
 	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-010.html
 CVE-2007-2292 (CRLF injection vulnerability in the Digest Authentication support for ...)
-	- iceweasel <unfixed> (low)
+	- iceweasel 2.0.0.8-1 (low)
 	[etch] - iceweasel <no-dsa> (Minor issue)
 	- firefox <removed> (low)
 	- mozilla <removed> (low)
@@ -11012,7 +11017,7 @@
 CVE-2007-1096 (Cross-site scripting (XSS) vulnerability in ps_cart.php in VirtueMart ...)
 	NOT-FOR-US: VirtueMart
 CVE-2007-1095 (Mozilla Firefox does not properly implement JavaScript onUnload ...)
-	- iceweasel <unfixed> (low; bug #445514)
+	- iceweasel 2.0.0.8-1 (low; bug #445514)
 	NOTE: Pending for upcoming security releases
 CVE-2007-1094 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...)
 	NOT-FOR-US: Microsoft IE
@@ -23055,6 +23060,7 @@
 CVE-2006-2895 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.6.0 up to ...)
 	- mediawiki <not-affected> (Affects only 1.6.0-1.6.6)
 CVE-2006-2894 (Mozilla Firefox 1.5.0.4, Mozilla Suite 1.7.13, Mozilla SeaMonkey ...)
+	- iceweasel 2.0.0.8-1
 	NOTE: There are very few scenarios, where this could be exploited
 	NOTE: We can probably ignore this
 CVE-2006-2893 (index.php in GANTTy 1.0.3 allows remote attackers to obtain the full ...)

More information about the Secure-testing-commits mailing list