[Secure-testing-commits] r11695 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Wed Apr 22 21:42:00 UTC 2009
Author: jmm-guest
Date: 2009-04-22 21:42:00 +0000 (Wed, 22 Apr 2009)
New Revision: 11695
Modified:
data/CVE/list
Log:
new mozilla issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2009-04-22 21:14:14 UTC (rev 11694)
+++ data/CVE/list 2009-04-22 21:42:00 UTC (rev 11695)
@@ -136,28 +136,50 @@
NOT-FOR-US: Web File Explorer
CVE-2009-1313
RESERVED
-CVE-2009-1312
+CVE-2009-1312 [MFSA 2009-22: Firefox allows Refresh header to redirect to javascript: URIs]
RESERVED
-CVE-2009-1311
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1311 [MFSA 2009-21: POST data sent to wrong site when saving web page with embedded frame]
RESERVED
-CVE-2009-1310
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1310 [MFSA 2009-22: Firefox allows Refresh header to redirect to javascript: URIs]
RESERVED
-CVE-2009-1309
+ - iceweasel 3.0.9-1
+ [etch] - iceweasel <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1309 [MFSA 2009-19: Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString]
RESERVED
-CVE-2009-1308
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1308 [MFSA 2009-18: XSS hazard using third-party stylesheets and XBL bindings]
RESERVED
-CVE-2009-1307
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1307 [MFSA 2009-17: Same-origin violations when Adobe Flash loaded via view-source: scheme]
RESERVED
-CVE-2009-1306
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1306 [MFSA 2009-16: jar: scheme ignores the content-disposition: header on the inner URI]
RESERVED
-CVE-2009-1305
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1305 [Firefox crashes with evidence of memory corruption]
RESERVED
-CVE-2009-1304
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1304 [Firefox crashes with evidence of memory corruption]
RESERVED
-CVE-2009-1303
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1303 [Firefox crashes with evidence of memory corruption]
RESERVED
-CVE-2009-1302
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+CVE-2009-1302 [Firefox crashes with evidence of memory corruption]
RESERVED
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-1301 (Integer signedness error in the store_id3_text function in the ID3v2 ...)
- mpg123 1.7.2-1 (low)
NOTE: http://secunia.com/advisories/34587/3/
@@ -2637,9 +2659,8 @@
CVE-2009-0653 (OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an ...)
- openssl 0.9.8-1 (bug #517791)
CVE-2009-0652 (Mozilla Firefox 3.0.6 does not properly prevent the literal rendering ...)
- - iceape <unfixed>
- - xulrunner <unfixed>
- - iceweasel <unfixed>
+ - xulrunner 1.9.0.9-1
+ [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-0651 (Unspecified vulnerability in the Veritas network daemon (aka vnetd) in ...)
NOT-FOR-US: Veritas network daemon
CVE-2009-0650 (Stack-based buffer overflow in the GetStatsFromLine function in TPTEST ...)
More information about the Secure-testing-commits
mailing list