[Secure-testing-commits] r14010 - data/CVE
Michael Gilbert
gilbert-guest at alioth.debian.org
Tue Feb 2 23:37:33 UTC 2010
Author: gilbert-guest
Date: 2010-02-02 23:37:33 +0000 (Tue, 02 Feb 2010)
New Revision: 14010
Modified:
data/CVE/list
Log:
mozilla issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-02 23:37:18 UTC (rev 14009)
+++ data/CVE/list 2010-02-02 23:37:33 UTC (rev 14010)
@@ -154,9 +154,15 @@
CVE-2010-0393
RESERVED
CVE-2009-4630 (Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, ...)
- TODO: check
+ - xulrunner <unfixed> (low)
+ - iceape <unfixed> (low)
+ NOTE: mozilla's dns prefetching leads to disclosure of the user's network location
+ TODO: this may be unimportant since mozilla has chosen not to ignore the issue
CVE-2009-4629 (Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other ...)
- TODO: check
+ - icedove <unfixed> (low)
+ - iceape <unfixed> (low)
+ NOTE: mozilla's dns prefetching leads to disclosure of the user's network location
+ TODO: this may be unimportant since mozilla has chosen not to ignore the issue
CVE-2005-4885 (Unspecified vulnerability on certain Sun StorEdge 6130 (SE6130) ...)
NOT-FOR-US: Sun StorEdge 6130
CVE-2004-2766 (Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server ...)
More information about the Secure-testing-commits
mailing list