[Secure-testing-commits] r13043 - data/CVE

Mon Oct 19 18:56:01 UTC 2009

Author: gilbert-guest
Date: 2009-10-19 18:56:01 +0000 (Mon, 19 Oct 2009)
New Revision: 13043

Modified:
   data/CVE/list
Log:
- some more fixed iceape issues
- use appropriate debian version for some xulrunner/iceweasel issues

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2009-10-19 17:59:48 UTC (rev 13042)
+++ data/CVE/list	2009-10-19 18:56:01 UTC (rev 13043)
@@ -13140,19 +13140,17 @@
 	NOTE: patch now available and will be checked for next patch round
 CVE-2008-5504 (Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run ...)
 	{DSA-1707-1}
-	- iceweasel 3.0
-	- xulrunner 1.9
+	- iceweasel 3.0.1-1
+	- xulrunner 1.9.0.1-1
 	[etch] - xulrunner <not-affected> (The vulnerable feature is only included in 1.8.1 branch)
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	NOTE: Original fix for CVE-2008-3836 was incomplete
 CVE-2008-5503 (The loadBindingDocument function in Mozilla Firefox 2.x before ...)
 	{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
 	- iceape 1.1.13-1
-	- iceweasel 3.0
-	- xulrunner 1.9
+	- iceweasel 3.0.1-1
+	- xulrunner 1.9.0.1-1
 	- icedove 2.0.0.19-1 (low)
 	NOTE: JavaScript for mails is disabled by default and if users enable it ...
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 CVE-2008-5502 (The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x ...)
 	- iceweasel 3.0.5-1
 	[etch] - iceweasel <not-affected> (Firefox 2.x not affected)
@@ -14491,15 +14489,13 @@
 CVE-2008-5013 (Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do ...)
 	{DSA-1697-1 DSA-1671-1 DSA-1669-1}
 	- iceape 1.1.13-1
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
-	- iceweasel 3.0
-	- xulrunner 1.9
+	- iceweasel 3.0.1-1
+	- xulrunner 1.9.0.1-1
 CVE-2008-5012 (Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, ...)
 	{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
 	- iceape 1.1.13-1
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
-	- iceweasel 3.0
-	- xulrunner 1.9
+	- iceweasel 3.0.1-1
+	- xulrunner 1.9.0.1-1
 	- icedove 2.0.0.19-1
 CVE-2008-5010 (in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and ...)
 	NOT-FOR-US: in.dhcpd
@@ -16663,9 +16659,8 @@
 	- icedove 2.0.0.17-1
 CVE-2008-4069 (The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey ...)
 	{DSA-1697-1 DSA-1669-1 DSA-1649-1}
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
-	- iceweasel 3.0
-	- xulrunner 1.9
+	- iceweasel 3.0.1-1
+	- xulrunner 1.9.0.1-1
 	- iceape 1.1.12-1
 CVE-2008-4068 (Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 ...)
 	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
@@ -16681,10 +16676,8 @@
 	- icedove 2.0.0.17-1
 CVE-2008-4066 (Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows ...)
 	{DSA-1669-1 DSA-1649-1}
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
-	NOTE: Fix should be in next iceape/icedove DSA patchround
-	- iceweasel 3.0
-	- xulrunner 1.9
+	- iceweasel 3.0.1-1
+	- xulrunner 1.9.0.1-1
 	- iceape 1.1.12-1
 	- icedove 2.0.0.17-1
 CVE-2008-4065 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird ...)
@@ -17281,14 +17274,13 @@
 	- iceape 1.1.12-1 (low)
 CVE-2008-3836 (feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers ...)
 	{DSA-1697-1 DSA-1669-1 DSA-1649-1}
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
-	- iceweasel 3.0
-	- xulrunner 1.9
+	- iceweasel 3.0.1-1
+	- xulrunner 1.9.0.1-1
+	- iceape 1.1.12-1
 CVE-2008-3835 (The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox ...)
 	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
-	- xulrunner 1.9
-	- iceweasel 3.0
+	- xulrunner 1.9.0.1-1
+	- iceweasel 3.0.1-1
 	- iceape 1.1.12-1
 	- icedove 2.0.0.17-1
 CVE-2008-3834 (The dbus_signature_validate function in the D-bus library (libdbus) ...)
@@ -25061,6 +25053,7 @@
 	{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
 	- iceweasel 2.0.0.12-1
 	- xulrunner 1.8.1.12-1
+	- iceape 1.1.9-1
 CVE-2008-0593 (Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and ...)
 	{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
 	- iceweasel 2.0.0.12-1
@@ -25075,6 +25068,7 @@
 	{DSA-1506-1 DSA-1489-1 DSA-1484-1}
 	- iceweasel 2.0.0.12-1
 	- xulrunner 1.8.1.12-1
+	- iceape 1.1.9-1
 CVE-2008-0590 (Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows ...)
 	NOT-FOR-US: WS_FTP Server with SSH
 CVE-2008-0589 (The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows ...)
@@ -25504,6 +25498,7 @@
 	{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
 	- iceweasel 2.0.0.12-1
 	- xulrunner 1.8.1.12-1
+	- iceape 1.1.8-1
 CVE-2008-0416 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
 	{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
 	- iceweasel 2.0.0.12-1
@@ -27204,9 +27199,8 @@
 	- iceape 1.1.13-1
 CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in ...)
 	{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
-	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
-	- xulrunner 1.9
-	- iceweasel 3.0
+	- xulrunner 1.9.0.1-1
+	- iceweasel 3.0.1-1
 	- iceape 1.1.12-1
 	- icedove 2.0.0.17-1
 CVE-2008-0015 (Stack-based buffer overflow in the CComVariant::ReadFromStream ...)


