[Secure-testing-commits] r14120 - data/CVE

Michael Gilbert gilbert-guest at alioth.debian.org
Wed Feb 17 22:19:20 UTC 2010 

Author: gilbert-guest
Date: 2010-02-17 22:19:17 +0000 (Wed, 17 Feb 2010)
New Revision: 14120

Modified:
   data/CVE/list
Log:
new xulrunner issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-02-17 21:14:27 UTC (rev 14119)
+++ data/CVE/list	2010-02-17 22:19:17 UTC (rev 14120)
@@ -1381,14 +1381,24 @@
 	RESERVED
 CVE-2010-0163
 	RESERVED
-CVE-2010-0162
+CVE-2010-0162 [same-origin bypass]
 	RESERVED
+	- xulrunner <unfixed>
+        [etch] - xulrunner <end-of-life>
+	- iceape <unfixed>
 CVE-2010-0161
 	RESERVED
-CVE-2010-0160
+CVE-2010-0160 [vulnerability in web workers]
 	RESERVED
-CVE-2010-0159
+	- xulrunner <unfixed>
+	[etch] - xulrunner <not-affected> (web workers introduced in firefox 3.5)
+	[lenny] - xulrunner <not-affected> (web workers introduced in firefox 3.5)
+	- iceape <unfixed>
+CVE-2010-0159 [several vulnerabilities]
 	RESERVED
+	- xulrunner <unfixed>
+        [etch] - xulrunner <end-of-life>
+	- iceape <unfixed>
 CVE-2010-0158 (** DISPUTED ** ...)
 	NOT-FOR-US: JoomlaBamboo (JB) Simpla Admin template
 CVE-2010-0157 (Directory traversal vulnerability in the Bible Study (com_biblestudy) ...)
@@ -3243,8 +3253,11 @@
 CVE-2009-3989 (Bugzilla before 3.0.11, 3.2.x before 3.2.6, 3.4.x before 3.4.5, and ...)
 	- bugzilla <unfixed> (unimportant)
 	NOTE: http://www.bugzilla.org/security/3.0.10/
-CVE-2009-3988
+CVE-2009-3988 [same-origin flaw in showModalDialog]
 	RESERVED
+	- xulrunner <unfixed>
+        [etch] - xulrunner <end-of-life>
+	- iceape <unfixed>
 CVE-2009-3987 (The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and ...)
 	- xulrunner <not-affected> (Windows-specific vulnerability)
 CVE-2009-3986 (Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey ...)
@@ -10828,8 +10841,11 @@
 CVE-2009-1574 (racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote ...)
 	{DSA-1804-1}
 	- ipsec-tools 1:0.7.1-1.4 (medium; bug #527634)
-CVE-2009-1571
+CVE-2009-1571 [memory incorrectly freed]
 	RESERVED
+	- xulrunner <unfixed>
+        [etch] - xulrunner <end-of-life>
+	- iceape <unfixed>
 CVE-2009-1570 (Integer overflow in the ReadImage function in ...)
 	- gimp 2.6.7-1.1 (medium; bug #555929)
 CVE-2009-1569 (Multiple stack-based buffer overflows in Novell iPrint Client 4.38, ...)

More information about the Secure-testing-commits mailing list