[Secure-testing-commits] r20219 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Mon Sep 24 07:31:08 UTC 2012
Author: jmm
Date: 2012-09-24 07:31:08 +0000 (Mon, 24 Sep 2012)
New Revision: 20219
Modified:
data/CVE/list
Log:
icedove fixed
fwknop fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2012-09-23 21:14:19 UTC (rev 20218)
+++ data/CVE/list 2012-09-24 07:31:08 UTC (rev 20219)
@@ -1643,17 +1643,17 @@
NOTE: http://code.google.com/p/smarty-php/source/detail?r=4658
CVE-2012-4436 [local buffer overflow in --last processing with a maliciously constructed ~/.fwknop.run file]
RESERVED
- - fwknop <unfixed> (bug #688151)
+ - fwknop 2.0.3-1 (bug #688151)
NOTE: http://seclists.org/oss-sec/2012/q3/509
NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=a60f05ad44e824f6230b22f8976399340cb535dc
CVE-2012-4435 [fwknop 2.0.3: server did not properly validate allow IP addresses ... ]
RESERVED
- - fwknop <unfixed> (bug #688151)
+ - fwknop 2.0.3-1 (bug #688151)
NOTE: http://seclists.org/oss-sec/2012/q3/509
NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=f4c16bc47fc24a96b63105556b62d61c1ba7d799
CVE-2012-4434 [fwknop 2.0.3: multiple DoS / code execution flaw]
RESERVED
- - fwknop <unfixed> (bug #688151)
+ - fwknop 2.0.3-1 (bug #688151)
NOTE: http://seclists.org/oss-sec/2012/q3/509
NOTE: http://www.cipherdyne.org/cgi-bin/gitweb.cgi?p=fwknop.git;a=commitdiff;h=d46ba1c027a11e45821ba897a4928819bccc8f22
CVE-2012-4433
@@ -2725,13 +2725,13 @@
- bugzilla4 <itp> (bug #669643)
CVE-2012-3980 (The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3979 (Mozilla Firefox before 15.0 on Android does not properly implement ...)
- iceweasel <not-affected> (Only affects Firefox for Android)
CVE-2012-3978 (The nsLocation::CheckURL function in Mozilla Firefox before 15.0, ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3977
RESERVED
@@ -2748,7 +2748,7 @@
- iceweasel <not-affected> (Only affects Firefox >= 10)
CVE-2012-3972 (The format-number functionality in the XSLT implementation in Mozilla ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3971 (Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
@@ -2760,7 +2760,7 @@
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
CVE-2012-3969 (Integer overflow in the nsSVGFEMorphologyElement::Filter function in ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3968 (Use-after-free vulnerability in the WebGL implementation in Mozilla ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
@@ -2768,11 +2768,11 @@
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
CVE-2012-3967 (The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3966 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3965 (Mozilla Firefox before 15.0 does not properly restrict navigation to ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
@@ -2786,7 +2786,7 @@
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
CVE-2012-3962 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3961 (Use-after-free vulnerability in the RangeData implementation in ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
@@ -2794,11 +2794,11 @@
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
CVE-2012-3960 (Use-after-free vulnerability in the ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3959 (Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3958 (Use-after-free vulnerability in the ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
@@ -2806,7 +2806,7 @@
- iceape <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
CVE-2012-3957 (Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-3956 (Use-after-free vulnerability in the ...)
- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
@@ -7597,23 +7597,23 @@
NOT-FOR-US: WellinTech KingSCADA
CVE-2012-1976 (Use-after-free vulnerability in the ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-1975 (Use-after-free vulnerability in the PresShell::CompleteMove function ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-1974 (Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-1973 (Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-1972 (Use-after-free vulnerability in the ...)
- iceweasel 10.0.7esr-1
- - icedove <unfixed>
+ - icedove 10.0.7-1
- iceape 2.7.7-1
CVE-2012-1971 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox >= 10)
More information about the Secure-testing-commits
mailing list