[Secure-testing-commits] r15509 - data/CVE

Moritz Muehlenhoff jmm-guest at alioth.debian.org
Sat Oct 23 15:24:35 UTC 2010 

Author: jmm-guest
Date: 2010-10-23 15:24:33 +0000 (Sat, 23 Oct 2010)
New Revision: 15509

Modified:
   data/CVE/list
Log:
new libsmi issue
new mozilla issues
add mcabber issue discovred by Silvio


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2010-10-23 12:36:29 UTC (rev 15508)
+++ data/CVE/list	2010-10-23 15:24:33 UTC (rev 15509)
@@ -2151,25 +2151,54 @@
 CVE-2010-3184
 	RESERVED
 CVE-2010-3183 (The LookupGetterOrSetter function in Mozilla Firefox before 3.5.14 and ...)
+	- xulrunner <removed>
+	- iceweasel 3.5.14-1
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.9-1
+	[lenny] - iceape <not-affected> (Only a stub package)
 	[lenny] - xulrunner <not-affected> (bug in optimization added later)
 CVE-2010-3182 (A certain application-launch script in Mozilla Firefox before 3.5.14 ...)
 	TODO: check
 CVE-2010-3181 (Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 ...)
 	TODO: check
 CVE-2010-3180 (Use-after-free vulnerability in the nsBarProp function in Mozilla ...)
-	TODO: check
+	- xulrunner <removed>
+	- iceweasel 3.5.14-1
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.9-1
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3179 (Stack-based buffer overflow in the text-rendering functionality in ...)
-	TODO: check
+	- xulrunner <removed>
+	- iceweasel 3.5.14-1
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.9-1
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3178 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird ...)
-	TODO: check
+	- xulrunner <removed>
+	- iceweasel 3.5.14-1
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.9-1
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3177 (Multiple cross-site scripting (XSS) vulnerabilities in the Gopher ...)
-	TODO: check
+	- xulrunner <removed>
+	- iceweasel 3.5.14-1
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.9-1
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3176 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	TODO: check
+	- xulrunner <removed>
+	- iceweasel 3.5.14-1
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.9-1
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3175 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	TODO: check
 CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
-	TODO: check
+	- xulrunner <removed>
+	- iceweasel 3.5.14-1
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape 2.0.9-1
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3173 (The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x ...)
 	TODO: check
 CVE-2010-3172
@@ -2919,6 +2948,7 @@
 	RESERVED
 CVE-2010-2891
 	RESERVED
+	- libsmi 0.4.8+dfsg2-3
 CVE-2010-2890 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on ...)
 	NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2010-2889 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, ...)
@@ -13699,6 +13729,7 @@
 CVE-2009-3720 (The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...)
 	{DSA-1977-1 DSA-1921-1}
 	- expat 2.0.1-5 (low; bug #551936)
+	- mcabber <unfixed> (low; bug #601053)
 	- w3c-libwww <removed> (low; bug #551938)
 	[etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
 	- python-xml <removed> (low; bug #560951)
@@ -14178,6 +14209,7 @@
 CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, ...)
 	{DSA-1977-1 DSA-1953-2 DSA-1953-1}
 	- expat 2.0.1-6 (low; bug #560901)
+	- mcabber <unfixed> (low; bug #601053)
 	- w3c-libwww <removed>
 	[etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
 	- python-xml <removed> (low; bug #560951)

More information about the Secure-testing-commits mailing list