[Secure-testing-commits] r10890 - data/CVE

joeyh at alioth.debian.org joeyh at alioth.debian.org
Thu Jan 8 09:14:15 UTC 2009


Author: joeyh
Date: 2009-01-08 09:14:13 +0000 (Thu, 08 Jan 2009)
New Revision: 10890

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-01-08 01:45:03 UTC (rev 10889)
+++ data/CVE/list	2009-01-08 09:14:13 UTC (rev 10890)
@@ -780,11 +780,13 @@
 CVE-2008-5513 (Unspecified vulnerability in the session-restore feature in Mozilla ...)
 	- iceweasel 3.0.5-1
 CVE-2008-5512 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before ...)
+	{DSA-1697-1 DSA-1696-1}
 	- iceweasel 3.0.5-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.14-1
 	- xulrunner 1.9.0.5-1
 CVE-2008-5511 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
+	{DSA-1697-1 DSA-1696-1}
 	- iceweasel 3.0.5-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.14-1
@@ -797,16 +799,19 @@
 CVE-2008-5509
 	RESERVED
 CVE-2008-5508 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
+	{DSA-1697-1 DSA-1696-1}
 	- iceweasel 3.0.5-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.14-1
 	- xulrunner 1.9.0.5-1
 CVE-2008-5507 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
+	{DSA-1697-1 DSA-1696-1}
 	- iceweasel 3.0.5-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.14-1
 	- xulrunner 1.9.0.5-1
 CVE-2008-5506 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...)
+	{DSA-1697-1 DSA-1696-1}
 	- iceweasel 3.0.5-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.14-1
@@ -819,6 +824,7 @@
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	NOTE: Original fix for CVE-2008-3836 was incomplete
 CVE-2008-5503 (The loadBindingDocument function in Mozilla Firefox 2.x before ...)
+	{DSA-1697-1 DSA-1696-1}
 	- iceape 1.1.13-1
 	- iceweasel 3.0
 	- xulrunner 1.9
@@ -838,6 +844,7 @@
 	[etch] - xulrunner <not-affected> (Xulrunner 1.8 not affected)
 	- icedove <not-affected> (This issue was FF3 only, CVE-2008-5500 affects icedove)
 CVE-2008-5500 (The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before ...)
+	{DSA-1697-1 DSA-1696-1}
 	- iceweasel 3.0.5-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.14-1
@@ -1993,7 +2000,7 @@
 	{DSA-1665-1}
 	- libcdaudio 0.99.12p2-7 (bug #505478)
 CVE-2008-5024 (Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 	- icedove 2.0.0.19-1
@@ -2004,13 +2011,13 @@
 	- xulrunner 1.9.0.4-1
 	- iceape 1.1.13-1
 CVE-2008-5022 (The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- xulrunner 1.9.0.4-1
 	- iceweasel 3.0.4-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.13-1
 CVE-2008-5021 (nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 	- icedove 2.0.0.19-1
@@ -2021,13 +2028,13 @@
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 CVE-2008-5018 (The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.13-1
 CVE-2008-5017 (Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 	- icedove 2.0.0.19-1
@@ -2047,19 +2054,19 @@
 	[etch] - iceweasel <not-affected> (Doesn't affect Firefox 2.x)
 	[etch] - xulrunner <not-affected> (Doesn't affect Firefox 2.x)
 CVE-2008-5014 (jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 	- icedove 2.0.0.19-1
 	- iceape 1.1.13-1
 CVE-2008-5013 (Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1671-1 DSA-1669-1}
 	- iceape 1.1.13-1
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- iceweasel 3.0
 	- xulrunner 1.9
 CVE-2008-5012 (Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- iceape 1.1.13-1
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- iceweasel 3.0
@@ -3018,7 +3025,7 @@
 CVE-2008-4583 (Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX component ...)
 	NOT-FOR-US: Chilkat FTP
 CVE-2008-4582 (Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- xulrunner 1.9.0.4-1
 	- iceweasel 3.0.4-1
 	- iceape 1.1.13-1
@@ -4215,22 +4222,23 @@
 CVE-2008-4071 (A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2008-4070 (Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and ...)
+	{DSA-1697-1 DSA-1696-1}
 	- iceape 1.1.12-1
 	- icedove 2.0.0.17-1
 CVE-2008-4069 (The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- iceweasel 3.0
 	- xulrunner 1.9
 	- iceape 1.1.12-1
 CVE-2008-4068 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4067 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
@@ -4243,7 +4251,7 @@
 	- iceape 1.1.12-1
 	- icedove 2.0.0.17-1
 CVE-2008-4065 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
@@ -4257,31 +4265,31 @@
 	- iceweasel 3.0.3-1
 	[etch] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2008-4062 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4061 (Integer overflow in the MathML component in Mozilla Firefox before ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4060 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4059 (The XPConnect component in Mozilla Firefox before 2.0.0.17 allows ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4058 (The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
@@ -4825,17 +4833,17 @@
 CVE-2008-3838 (Unspecified vulnerability in the NFS Remote Procedure Calls (RPC) ...)
 	NOT-FOR-US: Solaris
 CVE-2008-3837 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1669-1 DSA-1649-1}
 	- iceweasel 3.0.3-1 (low)
 	- xulrunner 1.9.0.3-1 (low)
 	- iceape 1.1.12-1 (low)
 CVE-2008-3836 (feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- iceweasel 3.0
 	- xulrunner 1.9
 CVE-2008-3835 (The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- xulrunner 1.9
 	- iceweasel 3.0
@@ -7036,7 +7044,7 @@
 CVE-2008-2934 (Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to ...)
 	- iceweasel <not-affected> (MacOS-specific)
 CVE-2008-2933 (Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' ...)
-	{DSA-1615-1 DSA-1614-1}
+	{DSA-1697-1 DSA-1615-1 DSA-1614-1}
 	- iceweasel 3.0.1-1 (low)
 CVE-2008-2932 (Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote ...)
 	NOT-FOR-US: Red Hat adminutil
@@ -7357,29 +7365,30 @@
 	- linux-2.6 2.6.25-7
 	- linux-2.6.24 2.6.24-6~etchnhalf.4
 CVE-2008-2811 (The block reflow implementation in Mozilla Firefox before 2.0.0.15, ...)
-	{DSA-1621-1 DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0
 	NOTE: Firefox 3 not affected
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 	- icedove 2.0.0.16-1
 CVE-2008-2810 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
+	{DSA-1697-1}
 	- iceweasel <not-affected> (Windows-specific)
 	- iceape <not-affected> (Windows-specific)
 CVE-2008-2809 (Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, ...)
-	{DSA-1621-1 DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0
 	NOTE: Firefox 3 not affected
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 	- icedove 2.0.0.16-1
 CVE-2008-2808 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
-	{DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 CVE-2008-2807 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
-	{DSA-1621-1 DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
@@ -7388,7 +7397,7 @@
 	- iceweasel <not-affected> (MacOS-specific)
 	- iceape <not-affected> (MacOS-specific)
 CVE-2008-2805 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow ...)
-	{DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0
 	NOTE: Firefox 3 not affected
 	- iceape 1.1.10
@@ -7396,34 +7405,34 @@
 CVE-2008-2804
 	RESERVED
 CVE-2008-2803 (The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox ...)
-	{DSA-1621-1 DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0~b2-1
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 CVE-2008-2802 (Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and ...)
-	{DSA-1621-1 DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0~b2-1
 	- iceape 1.1.10-1
 	- icedove 2.0.0.16-1
 	- xulrunner 1.9.0.1-1
 CVE-2008-2801 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not ...)
-	{DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0~b2-1
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 CVE-2008-2800 (Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow ...)
-	{DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0~b2-1
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 CVE-2008-2799 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
-	{DSA-1621-1 DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0~b2-1
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 	- icedove 2.0.0.16-1
 CVE-2008-2798 (Multiple unspecified vulnerabilities in Mozilla Firefox before ...)
-	{DSA-1621-1 DSA-1615-1 DSA-1607-1}
+	{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1607-1}
 	- iceweasel 3.0~b2-1
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
@@ -7465,7 +7474,7 @@
 	NOTE: Unless more specific information pops up, this can be considered covered by
 	NOTE: CVE-2008-2785
 CVE-2008-2785 (Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird ...)
-	{DSA-1621-1 DSA-1615-1 DSA-1614-1}
+	{DSA-1697-1 DSA-1621-1 DSA-1615-1 DSA-1614-1}
 	- iceweasel 3.0 (medium; bug #488358)
 	- icedove 2.0.0.16-1
 	- iceape 1.1.11-1 (bug #491163)
@@ -7731,7 +7740,7 @@
 	NOT-FOR-US: pNews
 CVE-2008-2672 (Multiple directory traversal vulnerabilities in ErfurtWiki R1.02b and ...)
 	- ewiki <removed> (unimportant)
-        NOTE: register_globals is not supported
+	NOTE: register_globals is not supported
 CVE-2008-2671 (SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows ...)
 	NOT-FOR-US: DCFM Blog
 CVE-2008-2670 (Multiple SQL injection vulnerabilities in index.php in Insanely Simple ...)
@@ -10704,7 +10713,7 @@
 	- zoneminder 1.23.3-1 (medium; bug #479034)
 	NOTE: http://www.awe.com/mark/blog/200804272230.html
 CVE-2008-1380 (The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird ...)
-	{DSA-1562-1 DSA-1558-1 DSA-1555-1}
+	{DSA-1696-1 DSA-1562-1 DSA-1558-1 DSA-1555-1}
 	- iceweasel 2.0.0.14-1
 	- icedove 2.0.0.14-1
 	- iceape 1.1.9-2
@@ -13276,7 +13285,7 @@
 CVE-2008-0305
 	RESERVED
 CVE-2008-0304 (Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and ...)
-	{DSA-1621-1}
+	{DSA-1697-1 DSA-1621-1}
 	- icedove 2.0.0.12-1 (medium)
 	- iceape 1.1.8-1 (medium)
 CVE-2008-0303 (The FTP print feature in multiple Canon printers, including ...)
@@ -14696,12 +14705,12 @@
 CVE-2008-0018
 	RESERVED
 CVE-2008-0017 (The http-index-format MIME type parser (nsDirIndexParser) in Firefox ...)
-	{DSA-1671-1 DSA-1669-1}
+	{DSA-1697-1 DSA-1671-1 DSA-1669-1}
 	- iceweasel 3.0.4-1
 	- xulrunner 1.9.0.4-1
 	- iceape 1.1.13-1
 CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in ...)
-	{DSA-1669-1 DSA-1649-1}
+	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- xulrunner 1.9
 	- iceweasel 3.0




More information about the Secure-testing-commits mailing list