[Secure-testing-commits] r11695 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Apr 22 21:42:00 UTC 2009


Author: jmm-guest
Date: 2009-04-22 21:42:00 +0000 (Wed, 22 Apr 2009)
New Revision: 11695

Modified:
   data/CVE/list
Log:
new mozilla issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-04-22 21:14:14 UTC (rev 11694)
+++ data/CVE/list	2009-04-22 21:42:00 UTC (rev 11695)
@@ -136,28 +136,50 @@
 	NOT-FOR-US: Web File Explorer
 CVE-2009-1313
 	RESERVED
-CVE-2009-1312
+CVE-2009-1312 [MFSA 2009-22: Firefox allows Refresh header to redirect to javascript: URIs]
 	RESERVED
-CVE-2009-1311
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1311 [MFSA 2009-21: POST data sent to wrong site when saving web page with embedded frame]
 	RESERVED
-CVE-2009-1310
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1310 [MFSA 2009-22: Firefox allows Refresh header to redirect to javascript: URIs]
 	RESERVED
-CVE-2009-1309
+        - iceweasel 3.0.9-1
+        [etch] - iceweasel <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1309 [MFSA 2009-19: Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString]
 	RESERVED
-CVE-2009-1308
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1308 [MFSA 2009-18: XSS hazard using third-party stylesheets and XBL bindings]
 	RESERVED
-CVE-2009-1307
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1307 [MFSA 2009-17: Same-origin violations when Adobe Flash loaded via view-source: scheme]
 	RESERVED
-CVE-2009-1306
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1306 [MFSA 2009-16: jar: scheme ignores the content-disposition: header on the inner URI]
 	RESERVED
-CVE-2009-1305
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1305 [Firefox crashes with evidence of memory corruption]
 	RESERVED
-CVE-2009-1304
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1304 [Firefox crashes with evidence of memory corruption]
 	RESERVED
-CVE-2009-1303
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1303 [Firefox crashes with evidence of memory corruption]
 	RESERVED
-CVE-2009-1302
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1302 [Firefox crashes with evidence of memory corruption]
 	RESERVED
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 CVE-2009-1301 (Integer signedness error in the store_id3_text function in the ID3v2 ...)
 	- mpg123 1.7.2-1 (low)
 	NOTE: http://secunia.com/advisories/34587/3/
@@ -2637,9 +2659,8 @@
 CVE-2009-0653 (OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an ...)
 	- openssl 0.9.8-1 (bug #517791)
 CVE-2009-0652 (Mozilla Firefox 3.0.6 does not properly prevent the literal rendering ...)
-	- iceape <unfixed>
-	- xulrunner <unfixed>
-	- iceweasel <unfixed>
+        - xulrunner 1.9.0.9-1
+        [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 CVE-2009-0651 (Unspecified vulnerability in the Veritas network daemon (aka vnetd) in ...)
 	NOT-FOR-US: Veritas network daemon
 CVE-2009-0650 (Stack-based buffer overflow in the GetStatsFromLine function in TPTEST ...)




More information about the Secure-testing-commits mailing list