[Secure-testing-commits] r20077 - data/CVE

Florian Weimer fw at alioth.debian.org
Sun Sep 2 14:13:45 UTC 2012 

Author: fw
Date: 2012-09-02 14:13:45 +0000 (Sun, 02 Sep 2012)
New Revision: 20077

Modified:
   data/CVE/list
Log:
Mark a couple of older icedove vulnerabilities as fixed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-01 18:41:45 UTC (rev 20076)
+++ data/CVE/list	2012-09-02 14:13:45 UTC (rev 20077)
@@ -10415,7 +10415,7 @@
 	- bugzilla4 <itp> (bug #669643)
 	[squeeze] - bugzilla <no-dsa> (Minor issue)
 CVE-2012-0464 (Use-after-free vulnerability in the browser engine in Mozilla Firefox ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Vulnerable code not present)
 	- iceweasel 10.0.3esr-1
 	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
@@ -10424,7 +10424,7 @@
 CVE-2012-0463 (The nsWindow implementation in the browser engine in Mozilla Firefox ...)
 	- iceweasel <not-affected> (Only affects Firefox Mobile on Android)
 CVE-2012-0462 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Vulnerable code not present)
 	- iceweasel 10.0.3esr-1
 	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
@@ -10432,18 +10432,18 @@
 	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-0461 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-2458-1 DSA-2437-1 DSA-2433-1}
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	- iceweasel 10.0.3esr-1
 	- iceape 2.7.3-1
 CVE-2012-0460 (Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Vulnerable code not present)
 	- iceweasel 10.0.3esr-1
 	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 	- iceape 2.7.3-1
 	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-0459 (The Cascading Style Sheets (CSS) implementation in Mozilla Firefox 4.x ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Vulnerable code not present)
 	- iceweasel 10.0.3esr-1
 	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
@@ -10451,11 +10451,11 @@
 	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-0458 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x ...)
 	{DSA-2458-1 DSA-2437-1 DSA-2433-1}
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	- iceweasel 10.0.3esr-1
 	- iceape 2.7.3-1
 CVE-2012-0457 (Use-after-free vulnerability in the ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Vulnerable code not present)
 	- iceweasel 10.0.3esr-1
 	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
@@ -10463,12 +10463,12 @@
 	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-0456 (The SVG Filters implementation in Mozilla Firefox before 3.6.28 and ...)
 	{DSA-2458-1 DSA-2437-1 DSA-2433-1}
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	- iceweasel 10.0.3esr-1
 	- iceape 2.7.3-1
 CVE-2012-0455 (Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x ...)
 	{DSA-2458-1 DSA-2437-1 DSA-2433-1}
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	- iceweasel 10.0.3esr-1
 	- iceape 2.7.3-1
 CVE-2012-0454 (Use-after-free vulnerability in Mozilla Firefox 4.x through 10.0, ...)
@@ -10483,14 +10483,14 @@
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 10)
 	- iceape <not-affected> (Vulnerable version never uploaded to the archive)
 CVE-2012-0451 (CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (CSP introduced in Thunderbird 3.3)
 	- iceweasel 10.0.3esr-1
 	[squeeze] - iceweasel <not-affected> (CSP introduced in Firefox 4)
 	- iceape 2.7.3-1
 	[squeeze] - iceape <not-affected> (CSP introduced in Seamonkey 2.1)
 CVE-2012-0450 (Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 10.0-1
@@ -10499,7 +10499,7 @@
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2012-0449 (Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before ...)
 	{DSA-2406-1 DSA-2402-1 DSA-2400-1}
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[lenny] - icedove <end-of-life>
 	- xulrunner <removed>
 	- iceweasel 10.0-1
@@ -10511,7 +10511,7 @@
 	- bugzilla4 <itp> (bug #669643)
 	[squeeze] - bugzilla <no-dsa> (Minor issue)
 CVE-2012-0447 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 10.0-1
@@ -10519,7 +10519,7 @@
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2012-0446 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 10.0-1
@@ -10527,7 +10527,7 @@
 	[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2012-0445 (Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and ...)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[squeeze] - icedove <not-affected> (Only affects Firefox >= 4)
 	- xulrunner <not-affected> (Only affects Firefox >= 4)
 	- iceweasel 10.0-1
@@ -10539,7 +10539,7 @@
 	- libvorbisidec 1.0.2+svn18153-0.1 (bug #669196)
 	[squeeze] - libvorbisidec <no-dsa> (Minor issue, no dev-deps)
 	- libvorbis 1.3.2-1.2 (bug #664197)
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[lenny] - icedove <not-affected> (Vulnerable code not present)
 	- xulrunner <not-affected> (Vulnerable code not present)
 	- iceweasel 10.0-1
@@ -10554,7 +10554,7 @@
 	- iceape <not-affected> (Only affects Firefox >= 4)
 CVE-2012-0442 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-2406-1 DSA-2402-1 DSA-2400-1}
-	- icedove <unfixed>
+	- icedove 10.0.3-1
 	[lenny] - icedove <end-of-life>
 	- xulrunner <removed>
 	- iceweasel 10.0-1

More information about the Secure-testing-commits mailing list