[Secure-testing-commits] r13353 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Mon Nov 23 18:12:08 UTC 2009


Author: jmm-guest
Date: 2009-11-23 18:12:07 +0000 (Mon, 23 Nov 2009)
New Revision: 13353

Modified:
   data/CVE/list
Log:
- dovecot only affects sid/squeeze
- mark older firefox as design/non-issue


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-11-23 16:59:45 UTC (rev 13352)
+++ data/CVE/list	2009-11-23 18:12:07 UTC (rev 13353)
@@ -111,8 +111,9 @@
 	[lenny] - nginx <no-dsa> (upload rights required)
 CVE-2009-XXXX [dovecot 0777 base_dir creation]
 	- dovecot <unfixed> (medium)
-	NOTE: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html
-	TODO: check
+	[lenny] - dovecot <not-affected> (Only affects 1.2.x)
+	[etch] - dovecot <not-affected> (Only affects 1.2.x)
+	NOTE: http://www.dovecot.org/list/dovecot-news/2009-November/000143.html, CVE requested on oss-sec
 CVE-2009-XXXX [php temporary files exhaustion DoS]
 	- php5 5.2.11.dfsg.1-2 (medium)
 	- php4 <unfixed> (medium)
@@ -42194,22 +42195,12 @@
 CVE-2007-1085 (Cross-site scripting (XSS) vulnerability in Google Desktop allows ...)
 	NOT-FOR-US: Google Desktop
 CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...)
-	- iceweasel <unfixed> (low; bug #556268)
-	[etch] - iceweasel <no-dsa> (Minor issue)
-	[lenny] - iceweasel <no-dsa> (Minor issue)
-	- iceape <unfixed> (low)
-	[etch] - iceape <no-dsa> (Minor issue)
-	[lenny] - iceape <no-dsa> (minor issue)
-	- epiphany-browser <unfixed> (low; bug #556272)
-	[etch] - epiphany-browser <no-dsa> (minor issue)
-	[lenny] - epiphany-browser <no-dsa> (minor issue)
+	- iceweasel <unfixed> (unimportant; bug #556268)
+	- iceape <unfixed> (unimportant)
+	- epiphany-browser <unfixed> (unimportant; bug #556272)
 	NOTE: only epiphany-gecko backend affected
-	- galeon <unfixed> (low; bug #556270)
-	[etch] - galeon <no-dsa> (minor issue)
-	[lenny] - galeon <no-dsa> (minor issue)
-	- kazehakase <unfixed> (low; bug #556271)
-	[etch] - kazehakase <no-dsa> (minor issue)
-	[lenny] - kazehakase <no-dsa> (minor issue)
+	- galeon <unfixed> (unimportant; bug #556270)
+	- kazehakase <unfixed> (unimportant; bug #556271)
 	- conkeror <not-affected> (doesn't support bookmarks)
 	- webkit <not-affected> (doesn't support javascript embedded in bookmarks)
 CVE-2007-1083 (Buffer overflow in the Configuration Checker (ConfigChk) ActiveX ...)




More information about the Secure-testing-commits mailing list