[Secure-testing-commits] r16607 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Apr 29 07:47:23 UTC 2011 

Author: jmm
Date: 2011-04-29 07:47:15 +0000 (Fri, 29 Apr 2011)
New Revision: 16607

Modified:
   data/CVE/list
Log:
new mozilla issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-04-27 21:15:18 UTC (rev 16606)
+++ data/CVE/list	2011-04-29 07:47:15 UTC (rev 16607)
@@ -5,7 +5,7 @@
 	[squeeze] - libpcap <no-dsa> (Minor issue)
 	[lenny] - libpcap <no-dsa> (Minor issue)
 CVE-2011-XXXX [ffmpeg AMV out of array write]
-	- libav <unfixed>
+	- libav <unfixed> (bug #624339)
 	- ffmpeg <unfixed>
 	- ffmpeg-debian <removed>
 CVE-2010-4801 (Directory traversal vulnerability in admin/updatelist.php in BaconMap ...)
@@ -1606,6 +1606,11 @@
 	NOTE: http://trac.webkit.org/changeset/79476
 CVE-2011-1202 (The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 ...)
 	- libxslt 1.1.26-7 (bug #617413)
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 	NOTE: http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html
 	[squeeze] - libxslt <no-dsa> (minor issue)
 	[lenny] - libxslt <no-dsa> (minor issue)
@@ -4993,38 +4998,112 @@
 	RESERVED
 CVE-2011-0081
 	RESERVED
+	- xulrunner <not-affected> (Only affects Firefox 4.0/3.6, not yet in unstable)
+	- iceweasel <not-affected> (Only affects Firefox 4.0/3.6, not yet in unstable)
 CVE-2011-0080
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0079
 	RESERVED
+	- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
+	- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
 CVE-2011-0078
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0077
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0076
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
+	NOTE: This could be MacOS X specific
 CVE-2011-0075
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0074
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0073
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0072
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0071
 	RESERVED
+	- xulrunner <not-affected> (Windows-specific)
+	- iceweasel <not-affected> (Windows-specific)
 CVE-2011-0070
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0069
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0068
 	RESERVED
+	- xulrunner <not-affected> (Only affects Firefox 4.0, not yet in unstable)
+	- iceweasel <not-affected> (Only affects Firefox 4.0, not yet in unstable)
 CVE-2011-0067
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0066
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0065
 	RESERVED
+	- xulrunner <removed>
+	- iceweasel <unfixed>
+	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
+	- iceape <unfixed>
+	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0064 (The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in ...)
 	{DSA-2178-1}
 	- pango1.0 1.28.3-2~sid1

More information about the Secure-testing-commits mailing list