[Secure-testing-commits] r9430 - data/CVE

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Sun Jul 27 13:17:02 UTC 2008 

Author: jmm-guest
Date: 2008-07-27 13:17:00 +0000 (Sun, 27 Jul 2008)
New Revision: 9430

Modified:
   data/CVE/list
Log:
corrections/additional information on older mozilla issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-07-27 13:14:03 UTC (rev 9429)
+++ data/CVE/list	2008-07-27 13:17:00 UTC (rev 9430)
@@ -15299,9 +15299,10 @@
 CVE-2007-3827 (Mozilla Firefox allows for cookies to be set with a null domain (aka ...)
 	[sarge] - mozilla-firefox <no-dsa> (Mozilla products in Sarge no longer supported)
 	- mozilla-firefox <removed>
-	- iceweasel <unfixed>
-	- iceape <unfixed>
-	- xulrunner <unfixed>
+	- iceweasel <unfixed> (low)
+	- iceape <unfixed> (low)
+	- xulrunner <unfixed> (low)
+        NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=388097
 CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation in ...)
@@ -17194,12 +17195,13 @@
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2007-3074 (Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read ...)
 	- iceweasel 2.0.0.4-1 (low)
-	- iceape 1.1.2-1 (low)
+	- iceape 1.0.9-1 (low)
 	- xulrunner 1.8.1.4-1 (low)
 CVE-2007-3073 (Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and ...)
 	- iceweasel <unfixed> (low)
 	- iceape <unfixed> (low)
 	- xulrunner <unfixed> (low)
+        NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=380994
 CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.4 on ...)
 	- iceweasel <not-affected> (Only affects Windows versions of Firefox)
 CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain ActiveX ...)
@@ -19586,7 +19588,6 @@
 	{DSA-1551-1}
 	- python2.4 2.4.4-3 (bug #416931; low)
 	- python2.5 2.5.1-1 (bug #416934; low)
-	[etch] - python2.5 <no-dsa> (Minor issue)
 	- python2.3 <unfixed> (low)
 CVE-2007-2051 (Buffer overflow in the parsecmd function in bftpd before 1.8 has ...)
 	NOT-FOR-US: bftpd

More information about the Secure-testing-commits mailing list