[Secure-testing-commits] r15531 - data/CVE
Moritz Muehlenhoff
jmm-guest at alioth.debian.org
Wed Oct 27 20:03:32 UTC 2010
Author: jmm-guest
Date: 2010-10-27 20:03:23 +0000 (Wed, 27 Oct 2010)
New Revision: 15531
Modified:
data/CVE/list
Log:
- icedove fixed
- new kernel stack leaks
- some iceweasel updates
- moin fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-10-27 04:13:33 UTC (rev 15530)
+++ data/CVE/list 2010-10-27 20:03:23 UTC (rev 15531)
@@ -20,24 +20,35 @@
RESERVED
CVE-2010-4083
RESERVED
+ - linux-2.6 <unfixed> (low)
CVE-2010-4082
RESERVED
+ - linux-2.6 2.6.32-24 (low)
+ [lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
CVE-2010-4081
RESERVED
+ - linux-2.6 <unfixed> (low)
CVE-2010-4080
RESERVED
+ - linux-2.6 <unfixed> (low)
CVE-2010-4079
RESERVED
+ - linux-2.6 <unfixed> (low)
CVE-2010-4078
RESERVED
+ - linux-2.6 2.6.32-24 (low)
CVE-2010-4077
RESERVED
+ - linux-2.6 <unfixed> (low)
CVE-2010-4076
RESERVED
+ - linux-2.6 <unfixed> (low)
CVE-2010-4075
RESERVED
+ - linux-2.6 <unfixed> (low)
CVE-2010-4074
RESERVED
+ - linux-2.6 2.6.32-24 (low)
CVE-2010-4073
RESERVED
- linux-2.6 <unfixed> (low)
@@ -2260,27 +2271,32 @@
- xulrunner <removed>
- iceweasel 3.5.14-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+ - icedove 3.0.9-1
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
[lenny] - xulrunner <not-affected> (bug in optimization added later)
CVE-2010-3182 (A certain application-launch script in Mozilla Firefox before 3.5.14 ...)
- TODO: check
+ - icedove 3.0.9-1
+ TODO: check, does this really affect our build?
CVE-2010-3181 (Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 ...)
- TODO: check
+ - iceweasel <not-affected> (Windows-specific)
CVE-2010-3180 (Use-after-free vulnerability in the nsBarProp function in Mozilla ...)
- xulrunner <removed>
+ - icedove 3.0.9-1
- iceweasel 3.5.14-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
CVE-2010-3179 (Stack-based buffer overflow in the text-rendering functionality in ...)
- xulrunner <removed>
+ - icedove 3.0.9-1
- iceweasel 3.5.14-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
CVE-2010-3178 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird ...)
- xulrunner <removed>
+ - icedove 3.0.9-1
- iceweasel 3.5.14-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.9-1
@@ -2301,12 +2317,13 @@
TODO: check
CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
- xulrunner <removed>
+ - icedove 3.0.9-1
- iceweasel 3.5.14-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
- iceape 2.0.9-1
[lenny] - iceape <not-affected> (Only a stub package)
CVE-2010-3173 (The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x ...)
- TODO: check
+ - nss <unfixed>
CVE-2010-3172
RESERVED
CVE-2010-3171 (The Math.random function in the JavaScript implementation in Mozilla ...)
@@ -2854,8 +2871,7 @@
CVE-2010-2970 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x ...)
- moin 1.9.3-1 (low)
CVE-2010-2969 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...)
- - moin <undetermined>
- TODO: check
+ - moin 1.9.3-1
CVE-2010-2968 (The FTP daemon in Wind River VxWorks does not close the TCP connection ...)
NOT-FOR-US: vxworks
CVE-2010-2967 (The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks ...)
More information about the Secure-testing-commits
mailing list