[Secure-testing-commits] r19634 - in data: . CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Jul 2 17:13:00 UTC 2012
Author: jmm
Date: 2012-07-02 17:12:59 +0000 (Mon, 02 Jul 2012)
New Revision: 19634
Modified:
data/CVE/list
data/next-point-update.txt
Log:
cleanup some mozilla issues in stable
NFUs
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-07-02 07:08:49 UTC (rev 19633)
+++ data/CVE/list 2012-07-02 17:12:59 UTC (rev 19634)
@@ -4146,9 +4146,9 @@
CVE-2012-2042 (Adobe Illustrator before CS6 allows attackers to execute arbitrary ...)
NOT-FOR-US: Adobe Illustrator
CVE-2012-2041 (CRLF injection vulnerability in the Component Browser in Adobe ...)
- TODO: check
+ NOT-FOR-US: Adobe ColdFusion
CVE-2012-2040 (Untrusted search path vulnerability in the installer in Adobe Flash ...)
- TODO: check
+ NOT-FOR-US: Adobe Flash
CVE-2012-2039 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
NOT-FOR-US: Adobe Flash
CVE-2012-2038 (Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on ...)
@@ -4206,7 +4206,7 @@
CVE-2012-2012
RESERVED
CVE-2012-2011 (Multiple cross-site scripting (XSS) vulnerabilities in HP Web Jetadmin ...)
- TODO: check
+ NOT-FOR-US: HP Web Jetadmin
CVE-2012-2010 (The ACMELOGIN implementation in HP OpenVMS 8.3 and 8.4 on the Alpha ...)
NOT-FOR-US: OpenVMS
CVE-2012-2009 (Unspecified vulnerability in HP Performance Insight for Networks ...)
@@ -4355,7 +4355,9 @@
- icedove 10.0.5-1
CVE-2012-1944 (The Content Security Policy (CSP) implementation in Mozilla Firefox ...)
- iceweasel 10.0.5esr-1
+ [squeeze] - iceweasel <not-affected> (CSP not yet available)
- icedove 10.0.5-1
+ [squeeze] - icedovel <not-affected> (CSP not yet available)
CVE-2012-1943 (Untrusted search path vulnerability in Updater.exe in the Windows ...)
- iceweasel <not-affected> (windows-specific)
CVE-2012-1942 (The Mozilla Updater and Windows Updater Service in Mozilla Firefox ...)
@@ -4497,27 +4499,27 @@
CVE-2012-1883
RESERVED
CVE-2012-1882 (Microsoft Internet Explorer 6 through 9 does not block cross-domain ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1881 (Microsoft Internet Explorer 8 and 9 does not properly handle objects ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1880 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1879 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1878 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1877 (Microsoft Internet Explorer 6 through 9 does not properly handle ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1876 (Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1875 (Microsoft Internet Explorer 8 does not properly handle objects in ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1874 (Microsoft Internet Explorer 8 and 9 does not properly handle objects ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1873 (Microsoft Internet Explorer 7 through 9 does not properly create and ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1872 (Cross-site scripting (XSS) vulnerability in Microsoft Internet ...)
- TODO: check
+ NOT-FOR-US: Microsoft Internet Explorer
CVE-2012-1871
RESERVED
CVE-2012-1870
@@ -6719,7 +6721,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2012/05/03/4
CVE-2012-0946 (The NVIDIA UNIX driver before 295.40 allows local users to access ...)
- nvidia-graphics-drivers 295.40-1
- [squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
+ [squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
CVE-2012-0945
RESERVED
CVE-2012-0944 (Aptdaemon 0.43 and earlier in Ubuntu 11.04, 11.10, and 12.04 LTS does ...)
@@ -8059,6 +8061,7 @@
[squeeze] - iceape <not-affected> (CSP introduced in Seamonkey 2.1)
CVE-2012-0450 (Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and ...)
- icedove <unfixed>
+ [squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 10.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -8078,6 +8081,7 @@
[squeeze] - bugzilla <no-dsa> (Minor issue)
CVE-2012-0447 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and ...)
- icedove <unfixed>
+ [squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 10.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -8085,6 +8089,7 @@
- iceape <not-affected> (Only affects Firefox >= 4)
CVE-2012-0446 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
- icedove <unfixed>
+ [squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 10.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -8092,6 +8097,7 @@
- iceape <not-affected> (Only affects Firefox >= 4)
CVE-2012-0445 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and ...)
- icedove <unfixed>
+ [squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 10.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt 2012-07-02 07:08:49 UTC (rev 19633)
+++ data/next-point-update.txt 2012-07-02 17:12:59 UTC (rev 19634)
@@ -4,6 +4,7 @@
[squeeze] - eglibc 2.11.3-4
CVE-2012-2738
[squeeze] - vte 1:0.24.3-4
+CVE-2012-0946
+ [squeeze] - nvidia-graphics-drivers 195.36.31-6squeeze1
-
More information about the Secure-testing-commits
mailing list