[Secure-testing-commits] r20224 - data/CVE

Tue Sep 25 06:30:03 UTC 2012

Author: jmm
Date: 2012-09-25 06:30:02 +0000 (Tue, 25 Sep 2012)
New Revision: 20224

Modified:
   data/CVE/list
Log:
tomcat6 fixed
some iceweasel issues not-affected in squeeze


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2012-09-24 21:14:18 UTC (rev 20223)
+++ data/CVE/list	2012-09-25 06:30:02 UTC (rev 20224)
@@ -2945,6 +2945,9 @@
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3979 (Mozilla Firefox before 15.0 on Android does not properly implement ...)
 	- iceweasel <not-affected> (Only affects Firefox for Android)
 CVE-2012-3978 (The nsLocation::CheckURL function in Mozilla Firefox before 15.0, ...)
@@ -2957,6 +2960,8 @@
 CVE-2012-3976 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, and ...)
 	- iceweasel 10.0.7esr-1
 	- iceape 2.7.7-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3975 (The DOMParser component in Mozilla Firefox before 15.0, Thunderbird ...)
 	- iceweasel <not-affected> (Only affects Firefox >= 10)
 	- icedove <not-affected> (Only affects Firefox >= 10)
@@ -2991,10 +2996,16 @@
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3966 (Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, ...)
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3965 (Mozilla Firefox before 15.0 does not properly restrict navigation to ...)
 	- iceweasel <not-affected> (Only affects Firefox >= 10)
 CVE-2012-3964 (Use-after-free vulnerability in the gfxTextRun::GetUserData function ...)
@@ -3018,6 +3029,9 @@
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3959 (Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode ...)
 	{DSA-2553-1}
 	- iceweasel 10.0.7esr-1
@@ -3031,6 +3045,9 @@
 	- iceweasel 10.0.7esr-1
 	- icedove 10.0.7-1
 	- iceape 2.7.7-1
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2012-3956 (Use-after-free vulnerability in the ...)
 	- iceweasel <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
 	- icedove <not-affected> (Vulnerable code not present in Firefox 10.x codebase)
@@ -28717,7 +28734,7 @@
 CVE-2010-4313 (Unrestricted file upload vulnerability in fileman_file_upload.php in ...)
 	NOT-FOR-US: Orbis CMS
 CVE-2010-4312 (The default configuration of Apache Tomcat 6.x does not include the ...)
-	- tomcat6 <unfixed> (unimportant; bug #608286)
+	- tomcat6 6.0.35-5 (unimportant; bug #608286)
 	[lenny] - tomcat6 <not-affected> (Only ships the servlet package)
 CVE-2010-4311 (Free Simple Software 1.0 stores passwords in cleartext, which allows ...)
 	NOT-FOR-US: Free Simple Software


