[Secure-testing-commits] r16316 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon Mar 7 08:21:42 UTC 2011 

Author: jmm
Date: 2011-03-07 08:21:33 +0000 (Mon, 07 Mar 2011)
New Revision: 16316

Modified:
   data/CVE/list
Log:
icedove, krb5 fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-03-06 21:16:30 UTC (rev 16315)
+++ data/CVE/list	2011-03-07 08:21:33 UTC (rev 16316)
@@ -2462,11 +2462,11 @@
 	[squeeze] - krb5 <no-dsa> (minor issue)
 	[lenny] - krb5 <no-dsa> (minor issue)
 CVE-2011-0282 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x ...)
-	- krb5 <unfixed>
+	- krb5 1.8.3+dfsg-5
 	[squeeze] - krb5 <no-dsa> (Will be fixed in a point update)
 	[lenny] - krb5 <no-dsa> (Will be fixed in a point update)
 CVE-2011-0281 (The unparse implementation in the Key Distribution Center (KDC) in MIT ...)
-	- krb5 <unfixed>
+	- krb5 1.8.3+dfsg-5
 	[squeeze] - krb5 <no-dsa> (Will be fixed in a point update)
 	[lenny] - krb5 <no-dsa> (Will be fixed in a point update)
 CVE-2010-4668 (The blk_rq_map_user_iov function in block/blk-map.c in the Linux ...)
@@ -3168,16 +3168,19 @@
 	RESERVED
 CVE-2011-0059 (Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox ...)
 	{DSA-2180-1}
+	- icedove 3.0.11-2
 	- xulrunner <removed>
 	- iceweasel 3.5.17-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.12-1
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0058 (Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before ...)
+	- icedove <not-affected> (Windows-specific)
 	- xulrunner <not-affected> (Windows-specific)
 	- iceweasel <not-affected> (Windows-specific)
 CVE-2011-0057 (Use-after-free vulnerability in the Web Workers implementation in ...)
 	{DSA-2180-1}
+	- icedove 3.0.11-2
 	- xulrunner <removed>
 	- iceweasel 3.5.17-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -3185,6 +3188,7 @@
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0056 (Buffer overflow in the JavaScript engine in Mozilla Firefox before ...)
 	{DSA-2180-1}
+	- icedove 3.0.11-2
 	- xulrunner <removed>
 	- iceweasel 3.5.17-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -3192,6 +3196,7 @@
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0055 (Use-after-free vulnerability in the JSON.stringify method in Mozilla ...)
 	{DSA-2180-1}
+	- icedove 3.0.11-2
 	- xulrunner <removed>
 	- iceweasel 3.5.17-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -3199,6 +3204,7 @@
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0054 (Buffer overflow in the JavaScript engine in Mozilla Firefox before ...)
 	{DSA-2180-1}
+	- icedove 3.0.11-2
 	- xulrunner <removed>
 	- iceweasel 3.5.17-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -3206,6 +3212,7 @@
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-0053 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-2180-1}
+	- icedove 3.0.11-2
 	- xulrunner <removed>
 	- iceweasel 3.5.17-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -3215,6 +3222,7 @@
 	RESERVED
 CVE-2011-0051 (Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey ...)
 	{DSA-2180-1}
+	- icedove 3.0.11-2
 	- xulrunner <removed>
 	- iceweasel 3.5.17-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
@@ -4911,7 +4919,7 @@
 CVE-2010-4023 (Cross-site scripting (XSS) vulnerability in HP Insight Control Power ...)
 	NOT-FOR-US: HP Insight Control Power Management
 CVE-2010-4022 (The do_standalone function in the MIT krb5 KDC database propagation ...)
-	- krb5 <unfixed> (low)
+	- krb5 1.8.3+dfsg-5 (low)
 	[squeeze] - krb5 <no-dsa> (Will be fixed in a point update)
 	[lenny] - krb5 <not-affected> (Only affects 1.7.x onwards)
 	[etch] - krb5 <not-affected> (Only affects 1.7.x onwards)
@@ -11617,6 +11625,7 @@
 	NOT-FOR-US: HP System Management Homepage
 CVE-2010-1585 (The nsIScriptableUnescapeHTML.parseFragment method in the ...)
 	{DSA-2180-1}
+	- icedove 3.0.11-2
 	- xulrunner <removed>
 	- iceweasel 3.5.17-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)

More information about the Secure-testing-commits mailing list