[Secure-testing-commits] r10994 - data/CVE

white at alioth.debian.org white at alioth.debian.org
Tue Jan 20 00:44:31 UTC 2009


Author: white
Date: 2009-01-20 00:44:31 +0000 (Tue, 20 Jan 2009)
New Revision: 10994

Modified:
   data/CVE/list
Log:
CVE concerns MFSA 2007-37, which is fixed in current stable and affects only iceweasel/iceape

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-01-19 22:15:36 UTC (rev 10993)
+++ data/CVE/list	2009-01-20 00:44:31 UTC (rev 10994)
@@ -14578,8 +14578,8 @@
 	REJECTED
 CVE-2007-6589 (The jar protocol handler in Mozilla Firefox before 2.0.0.10 and ...)
 	- iceape 1.1.7-1 (medium)
-	- iceweasel 2.0.0.10-1 (medium)
-	TODO: check mozilla derivatives/xulrunner
+	- iceweasel 2.0.0.10-1 (medium)	
+	[etch] - iceape <not-affected> (Already fixed in current stable)
 CVE-2007-6588 (Cross-site scripting (XSS) vulnerability in PHCDownload 1.10 allows ...)
 	NOT-FOR-US: PHCDownload
 CVE-2007-6587 (SQL injection vulnerability in plog-rss.php in Plogger 1.0 Beta 3.0 ...)




More information about the Secure-testing-commits mailing list