[Secure-testing-commits] r17334 - data/CVE

Joey Hess joeyh at alioth.debian.org
Thu Sep 29 21:14:22 UTC 2011 

Author: joeyh
Date: 2011-09-29 21:14:22 +0000 (Thu, 29 Sep 2011)
New Revision: 17334

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2011-09-29 20:26:28 UTC (rev 17333)
+++ data/CVE/list	2011-09-29 21:14:22 UTC (rev 17334)
@@ -1,3 +1,7 @@
+CVE-2011-3867 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote ...)
+	TODO: check
+CVE-2011-3866 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly ...)
+	TODO: check
 CVE-2011-3865 (Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme ...)
 	TODO: check
 CVE-2011-3864 (Cross-site scripting (XSS) vulnerability in the The Erudite theme ...)
@@ -769,8 +773,8 @@
 	RESERVED
 CVE-2011-3505
 	RESERVED
-CVE-2011-3504
-	RESERVED
+CVE-2011-3504 (The Matroska format decoder in FFmpeg before 0.8.3 does not properly ...)
+	TODO: check
 CVE-2011-3503 (Untrusted search path vulnerability in eSignal 10.6.2425.1208, and ...)
 	TODO: check
 CVE-2011-3502 (The web server in Cogent DataHub 7.1.1.63 and earlier allows remote ...)
@@ -1456,8 +1460,7 @@
 	NOTE: http://trac.webkit.org/changeset/92132
 CVE-2011-3233
 	RESERVED
-CVE-2011-3232
-	RESERVED
+CVE-2011-3232 (YARR, as used in Mozilla Firefox before 7.0, Thunderbird before 7.0, ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 7.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -2014,51 +2017,46 @@
 	NOT-FOR-US: McAfee SaaS
 CVE-2011-3006 (The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee SaaS ...)
 	NOT-FOR-US: McAfee SaaS
-CVE-2011-3005
-	RESERVED
+CVE-2011-3005 (Use-after-free vulnerability in Mozilla Firefox 4.x through 6, ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 7.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3004
-	RESERVED
+CVE-2011-3004 (The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and SeaMonkey ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 7.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3003
-	RESERVED
+CVE-2011-3003 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow remote ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 7.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3002
-	RESERVED
+CVE-2011-3002 (Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 7.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3001
-	RESERVED
+CVE-2011-3001 (Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey ...)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 7.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3000
-	RESERVED
+CVE-2011-3000 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before ...)
+	{DSA-2313-1 DSA-2312-1}
 	- icedove <unfixed>
 	- xulrunner <removed>
 	- iceweasel 7.0-1
 	[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner from the xulrunner source pkg)
 	- iceape 2.0.14-8
 	[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2999
-	RESERVED
+CVE-2011-2999 (Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before ...)
+	{DSA-2313-1 DSA-2312-1}
 	- icedove <unfixed>
 	- xulrunner <removed>
 	- iceweasel 7.0-1
@@ -2067,6 +2065,7 @@
 	[lenny] - iceape <not-affected> (Only a stub package)
 CVE-2011-2998 [http://www.mozilla.org/security/announce/2011/mfsa2011-37.html]
 	RESERVED
+	{DSA-2313-1 DSA-2312-1}
 	- icedove <unfixed>
 	- xulrunner <removed>
 	- iceweasel 7.0-1
@@ -2074,21 +2073,19 @@
 	- iceape 2.0.14-8
 	[lenny] - iceape <not-affected> (Only a stub package)
 	NOTE: Only affects firefox 3.6 code base, not 4.0 oder later
-CVE-2011-2997
-	RESERVED
+CVE-2011-2997 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	- xulrunner <not-affected> (Only affects Firefox 6)
 	- iceweasel 7.0-1
 	[lenny] - iceweasel <not-affected> (Only affects Firefox 6)
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox 6)
 	- iceape <not-affected> (Only affects Firefox 6)
-CVE-2011-2996
-	RESERVED
+CVE-2011-2996 (Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x ...)
 	- icedove <not-affected> (Only affects MacOS)
 	- xulrunner <not-affected> (Only affects MacOS)
 	- iceweasel <not-affected> (Only affects MacOS)
 	- iceape <not-affected> (Only affects MacOS)
-CVE-2011-2995
-	RESERVED
+CVE-2011-2995 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
+	{DSA-2313-1 DSA-2312-1}
 	- icedove <unfixed>
 	- xulrunner <removed>
 	- iceweasel 7.0-1
@@ -3826,8 +3823,8 @@
 	- iceape 2.0.14-3
 	[lenny] - iceape <not-affected> (Only a stub package)
 	- icedove 3.1.11-1
-CVE-2011-2372
-	RESERVED
+CVE-2011-2372 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before ...)
+	{DSA-2313-1 DSA-2312-1}
 	- icedove <unfixed>
 	- xulrunner <removed>
 	- iceweasel 7.0-1

More information about the Secure-testing-commits mailing list