[Secure-testing-commits] r14036 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Thu Feb 4 23:06:25 UTC 2010
Author: jmm-guest
Date: 2010-02-04 23:06:23 +0000 (Thu, 04 Feb 2010)
New Revision: 14036
Modified:
data/CVE/list
Log:
more xulrunner end-of-lifes
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-02-04 22:41:45 UTC (rev 14035)
+++ data/CVE/list 2010-02-04 23:06:23 UTC (rev 14036)
@@ -2947,16 +2947,19 @@
CVE-2009-3982 (Multiple unspecified vulnerabilities in the JavaScript engine in ...)
- xulrunner 1.9.1.6-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
+ [etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
CVE-2009-3981 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
{DSA-1956-1}
- xulrunner 1.9.1
NOTE: Only affects Firefox 3
CVE-2009-3980 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner 1.9.1.6-1
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
CVE-2009-3979 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-1956-1}
- xulrunner 1.9.1.6-1
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-3978 (The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp ...)
- xulrunner 1.9.1.5-1 (unimportant)
NOTE: Browser crashes not treated as security issues
@@ -4699,10 +4702,12 @@
- libtheora 1.1
[etch] - libtheora <not-affected> (vulnerable code not present)
- xulrunner 1.9.1.6-1
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
CVE-2009-3388 (liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before ...)
- liboggplay <unfixed>
- xulrunner 1.9.1.6-1
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
[lenny] - xulrunner <not-affected> (Video playback capabilities were added in 3.5)
CVE-2009-3387 (Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group ...)
- bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
@@ -4725,7 +4730,7 @@
CVE-2009-3382 (layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
- [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-3381 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- xulrunner 1.9.1.4-1
[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
@@ -4733,7 +4738,7 @@
CVE-2009-3380 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
- [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-3379 (Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla ...)
{DSA-1939-1}
- libvorbis 1.2.3-1 (medium)
@@ -4753,7 +4758,7 @@
CVE-2009-3376 (Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
- [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-3375 (content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
@@ -4761,7 +4766,7 @@
CVE-2009-3374 (The XPCVariant::VariantDataToJS function in the XPCOM implementation ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
- [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-3373 (Heap-based buffer overflow in the GIF image parser in Mozilla Firefox ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
@@ -4779,7 +4784,7 @@
CVE-2009-3370 (Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
- [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-3368 (Cross-site scripting (XSS) vulnerability in the Hotel Booking ...)
NOT-FOR-US: component for Joomla!
CVE-2009-3367 (Multiple cross-site scripting (XSS) vulnerabilities in An image ...)
@@ -5007,7 +5012,7 @@
CVE-2009-3274 (Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and ...)
{DSA-1922-1}
- xulrunner 1.9.1.4-1
- [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-3273 (iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not ...)
NOT-FOR-US: Apple iPhone
CVE-2009-3272 (Stack consumption vulnerability in WebKit.dll in WebKit in Apple ...)
@@ -7457,7 +7462,7 @@
CVE-2009-2664 (The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript ...)
{DSA-1873-1}
- xulrunner 1.9.0.13-1
- [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support)
+ [etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no longer covered by security support)
CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 ...)
{DSA-1939-1}
- libvorbis 1.2.0.dfsg-6 (medium; bug #540958)
@@ -16006,8 +16011,8 @@
CVE-2008-5914 (An unspecified function in the JavaScript implementation in Apple ...)
NOT-FOR-US: Apple
CVE-2008-5913 (An unspecified function in the JavaScript implementation in Mozilla ...)
- - xulrunner <unfixed> (undetermined; bug #559792)
- - iceape <unfixed> (undetermined)
+ - xulrunner <undetermined> (bug #559792)
+ - iceape <undetermined>
CVE-2008-5912 (An unspecified function in the JavaScript implementation in Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2008-5911 (Multiple buffer overflows in RealNetworks Helix Server and Helix ...)
More information about the Secure-testing-commits
mailing list