[Secure-testing-commits] r12218 - data/CVE

Sun Jun 28 18:51:18 UTC 2009

Author: gilbert-guest
Date: 2009-06-28 18:51:17 +0000 (Sun, 28 Jun 2009)
New Revision: 12218

Modified:
   data/CVE/list
Log:
squeeze now has lenny's version of xulrunner


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2009-06-28 18:30:55 UTC (rev 12217)
+++ data/CVE/list	2009-06-28 18:51:17 UTC (rev 12218)
@@ -913,51 +913,69 @@
 CVE-2009-1841 (js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
+	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 	- icedove <unfixed>
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+	TODO: check whether icedove itself is affected or whether the problem is solely within xulrunner
 CVE-2009-1840 (Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
+	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 	- icedove <unfixed>
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+	TODO: check whether icedove itself is affected or whether the problem is solely within xulrunner
 CVE-2009-1839 (Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 CVE-2009-1838 (The garbage-collection implementation in Mozilla Firefox before ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
+	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 	- icedove <unfixed>
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+	TODO: check whether icedove itself is affected or whether the problem is solely within xulrunner
 CVE-2009-1837 (Race condition in the NPObjWrapper_NewResolve function in ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
 	[etch] - xulrunner <not-affected> (Doesn't affect Gecko 1.8)
 CVE-2009-1836 (Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
+	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 	- icedove <unfixed>
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+	TODO: check whether icedove itself is affected or whether the problem is solely within xulrunner
 CVE-2009-1835 (Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
+	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 	- icedove <unfixed>
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+	TODO: check whether icedove itself is affected or whether the problem is solely within xulrunner
 CVE-2009-1834 (Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
+	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 	- icedove <unfixed>
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+	TODO: check whether icedove itself is affected or whether the problem is solely within xulrunner
 CVE-2009-1833 (The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
+	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 	- icedove <unfixed>
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+	TODO: check whether icedove itself is affected or whether the problem is solely within xulrunner
 CVE-2009-1832 (Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and ...)
 	{DSA-1820-1}
 	- xulrunner 1.9.0.11-1
+	[squeeze] - xulrunner 1.9.0.11-0lenny1
+	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 	- icedove <unfixed>
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+	TODO: check whether icedove itself is affected or whether the problem is solely within xulrunner
 CVE-2009-1828 (Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of ...)
 	- xulrunner <unfixed> (unimportant)
 	NOTE: Browser crashes not treated as security issues


