[Secure-testing-commits] r13198 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Wed Nov 4 22:35:35 UTC 2009 

Author: jmm-guest
Date: 2009-11-04 22:35:34 +0000 (Wed, 04 Nov 2009)
New Revision: 13198

Modified:
   data/CVE/list
Log:
wireshark and xulrunner updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-11-04 22:29:49 UTC (rev 13197)
+++ data/CVE/list	2009-11-04 22:35:34 UTC (rev 13198)
@@ -777,13 +777,14 @@
 	RESERVED
 CVE-2009-3551 (Off-by-one error in the dissect_negprot_response function in ...)
 	- wireshark 1.2.3-1 (low; bug #553583)
-	NOTE: http://www.wireshark.org/security/wnpa-sec-2009-07.html
+	[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
+	[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
 CVE-2009-3550 (The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 ...)
 	- wireshark 1.2.3-1 (low; bug #553583)
-	NOTE: http://www.wireshark.org/security/wnpa-sec-2009-07.html
 CVE-2009-3549 (packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through ...)
 	- wireshark 1.2.3-1 (low; bug #553583)
-	NOTE: http://www.wireshark.org/security/wnpa-sec-2009-07.html
+	[lenny] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
+	[etch] - wireshark <not-affected> (Only affects Wireshark 1.2.x)
 CVE-2009-3548
 	RESERVED
 CVE-2009-3547 [linux-2.6: null ptr dereferences]
@@ -4124,8 +4125,6 @@
 	[lenny] - wireshark <not-affected> (Only affects 1.2.0)
 CVE-2009-2560 (Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote ...)
 	- wireshark 1.2.1-1 (bug #538237)
-	[etch] - wireshark <not-affected> (Only affects 1.2.0)
-	[lenny] - wireshark <not-affected> (Only affects 1.2.0)
 CVE-2009-2559 (Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote ...)
 	- wireshark 1.2.1-1 (bug #538237)
 	[etch] - wireshark <not-affected> (Only affects 1.2.0)
@@ -4324,22 +4323,18 @@
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-40.html
 CVE-2009-2471 (The setTimeout function in Mozilla Firefox before 3.0.12 does not ...)
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-39.html
 CVE-2009-2470 (Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote ...)
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-38.html
 CVE-2009-2469 (Mozilla Firefox before 3.0.12 does not properly handle an SVG element ...)
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-37.html
 CVE-2009-2468 (Integer overflow in Apple CoreGraphics, as used in Safari before ...)
 	NOT-FOR-US: CoreGraphics in Apple Mac OS X
 	NOTE: related issue to CVE-2009-1194
@@ -4347,27 +4342,22 @@
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-35.html
 CVE-2009-2466 (The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird ...)
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-34.html
 CVE-2009-2465 (Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers ...)
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-34.html
 CVE-2009-2464 (The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in ...)
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1
 	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-34.html
 CVE-2009-2463 (Integer overflow in a base64 decoding function in Mozilla Firefox ...)
 	{DSA-1840-1}
-	- xulrunner 1.9.0.12-1
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
-	NOTE: http://www.mozilla.org/security/announce/2009/mfsa2009-34.html
+	- nspr 4.8.2-1
+	[etch] - nspr <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
 CVE-2009-2462 (The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird ...)
 	{DSA-1840-1}
 	- xulrunner 1.9.0.12-1

More information about the Secure-testing-commits mailing list