[Secure-testing-commits] r25307 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 21 06:09:45 UTC 2014
Author: carnil
Date: 2014-01-21 06:09:45 +0000 (Tue, 21 Jan 2014)
New Revision: 25307
Modified:
data/CVE/list
Log:
iceape was removed from unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-01-21 06:05:26 UTC (rev 25306)
+++ data/CVE/list 2014-01-21 06:09:45 UTC (rev 25307)
@@ -4311,7 +4311,7 @@
CVE-2013-6673 (Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceweasel <end-of-life>
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
@@ -4323,7 +4323,7 @@
CVE-2013-6671 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
[wheezy] - iceape <end-of-life>
@@ -4477,7 +4477,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 24.2.0-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
NOTE: http://packetstormsecurity.com/files/123989/IJG-jpeg6b-libjpeg-turbo-Uninitialized-Memory.html
@@ -4496,7 +4496,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 24.2.0-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
NOTE: http://packetstormsecurity.com/files/123989/IJG-jpeg6b-libjpeg-turbo-Uninitialized-Memory.html
@@ -7006,7 +7006,7 @@
CVE-2013-5618 (Use-after-free vulnerability in the nsNodeUtils::LastRelease function ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceweasel <end-of-life>
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
@@ -7016,7 +7016,7 @@
CVE-2013-5616 (Use-after-free vulnerability in the ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceweasel <end-of-life>
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
@@ -7024,7 +7024,7 @@
CVE-2013-5615 (The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceweasel <end-of-life>
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
@@ -7034,7 +7034,7 @@
CVE-2013-5613 (Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceweasel <end-of-life>
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
@@ -7050,7 +7050,7 @@
CVE-2013-5609 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 24.2.0esr-1
- icedove 24.2.0-1
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceweasel <end-of-life>
[wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
@@ -7073,7 +7073,7 @@
[squeeze] - icedove <end-of-life>
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
CVE-2013-5603 (Use-after-free vulnerability in the ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
@@ -7088,14 +7088,14 @@
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- - iceape <unfixed>
+ - iceape <removed>
CVE-2013-5601 (Use-after-free vulnerability in the ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.10-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
CVE-2013-5600 (Use-after-free vulnerability in the ...)
@@ -7106,7 +7106,7 @@
[wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- - iceape <unfixed>
+ - iceape <removed>
CVE-2013-5599 (Use-after-free vulnerability in the nsIPresShell::GetPresContext ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
@@ -7115,7 +7115,7 @@
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- - iceape <unfixed>
+ - iceape <removed>
CVE-2013-5598 (PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox >=24)
@@ -7130,7 +7130,7 @@
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- - iceape <unfixed>
+ - iceape <removed>
CVE-2013-5596 (The cycle collection (CC) implementation in Mozilla Firefox before ...)
- iceweasel 24.1.0esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
@@ -7145,7 +7145,7 @@
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- - iceape <unfixed>
+ - iceape <removed>
CVE-2013-5594
RESERVED
CVE-2013-5593 (The SELECT element implementation in Mozilla Firefox before 25.0, ...)
@@ -7174,7 +7174,7 @@
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- - iceape <unfixed>
+ - iceape <removed>
CVE-2013-5634 (arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM ...)
- linux 3.11.5-1
[wheezy] - linux <not-affected> (KVM for arm introduced in 3.9)
@@ -17359,7 +17359,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1735 (Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity ...)
@@ -17368,7 +17368,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1734 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in ...)
@@ -17386,7 +17386,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1731 (Untrusted search path vulnerability in the GL tracing functionality in ...)
@@ -17399,7 +17399,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1729 (The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA ...)
@@ -17426,7 +17426,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1724 (Use-after-free vulnerability in the ...)
@@ -17447,7 +17447,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1721 (Integer overflow in the drawLineLoop function in the libGLESv2 library ...)
@@ -17473,7 +17473,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.9-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1717 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
@@ -17482,7 +17482,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.8-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1716
@@ -17495,7 +17495,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.8-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1713 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
@@ -17504,7 +17504,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.8-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1712 (Multiple untrusted search path vulnerabilities in updater.exe in ...)
@@ -17520,7 +17520,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.8-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1709 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
@@ -17529,7 +17529,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.8-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1708 (Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote ...)
@@ -17563,7 +17563,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.8-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1700 (The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on ...)
@@ -17578,7 +17578,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1696 (Mozilla Firefox before 22.0 does not properly enforce the ...)
@@ -17591,7 +17591,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1693 (The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ...)
@@ -17600,7 +17600,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1692 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, ...)
@@ -17609,7 +17609,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1691
@@ -17620,7 +17620,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1689
@@ -17634,7 +17634,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1686 (Use-after-free vulnerability in the mozilla::ResetDir function in ...)
@@ -17643,7 +17643,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1685 (Use-after-free vulnerability in the nsIDocument::GetRootElement ...)
@@ -17652,7 +17652,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1684 (Use-after-free vulnerability in the ...)
@@ -17661,7 +17661,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1683 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
@@ -17674,7 +17674,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1681 (Use-after-free vulnerability in the ...)
@@ -17683,7 +17683,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
@@ -17692,7 +17692,7 @@
- iceweasel 17.0.6esr-1
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1679 (Use-after-free vulnerability in the ...)
@@ -17701,7 +17701,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before ...)
@@ -17710,7 +17710,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox ...)
@@ -17719,7 +17719,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox ...)
@@ -17728,7 +17728,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
@@ -17737,7 +17737,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ...)
@@ -17746,7 +17746,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1673 (The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not ...)
@@ -17763,7 +17763,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-1669 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
@@ -20046,7 +20046,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
@@ -20055,7 +20055,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
- wine-gecko-1.4 <unfixed> (unimportant)
@@ -20074,14 +20074,14 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
{DSA-2720-1 DSA-2699-1}
- icedove 17.0.7-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
@@ -20089,7 +20089,7 @@
CVE-2013-0794 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent ...)
- iceweasel 17.0.5esr-1 (low)
[squeeze] - iceweasel <end-of-life>
- - iceape <unfixed> (low)
+ - iceape <removed> (low)
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
@@ -20098,13 +20098,13 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0792 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when ...)
- iceweasel 17.0.5esr-1 (low)
[squeeze] - iceweasel <end-of-life>
- - iceape <unfixed> (low)
+ - iceape <removed> (low)
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0791 (The CERT_DecodeCertPackage function in Mozilla Network Security ...)
@@ -20120,7 +20120,7 @@
{DSA-2699-1}
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
@@ -20131,7 +20131,7 @@
- iceweasel 17.0.5esr-1
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0786 (The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x ...)
@@ -20152,7 +20152,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
@@ -20161,7 +20161,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0781 (Use-after-free vulnerability in the nsPrintEngine::CommonPrint ...)
@@ -20174,7 +20174,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0779 (The nsCodingStateMachine::NextState function in Mozilla Firefox before ...)
@@ -20195,7 +20195,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0775 (Use-after-free vulnerability in the ...)
@@ -20204,7 +20204,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0774 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
@@ -20217,7 +20217,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- - iceape <unfixed>
+ - iceape <removed>
[squeeze] - iceape <end-of-life>
[wheezy] - iceape <end-of-life>
CVE-2013-0772 (The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, ...)
@@ -37875,7 +37875,7 @@
- iceweasel 12.0-1 (low; bug #703071)
[squeeze] - iceweasel <no-dsa> (Minor issue, also not fixed in ESV branch)
[wheezy] - iceweasel <no-dsa> (Minor issue, also not fixed in ESV branch)
- - iceape <unfixed> (low)
+ - iceape <removed> (low)
[squeeze] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
[wheezy] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
NOTE: Fixed in Thunderbird 12 and Seamonkey 2.9
@@ -50560,7 +50560,7 @@
- iceweasel 12.0-1 (bug #703071)
[wheezy] - iceweasel <no-dsa> (Minor issue, also not fixed in ESV branch)
[squeeze] - iceweasel <no-dsa> (Minor issue, also not fixed in ESV branch)
- - iceape <unfixed> (low)
+ - iceape <removed> (low)
[wheezy] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
[squeeze] - iceape <no-dsa> (Minor issue, also not fixed in ESV branch)
NOTE: Fixed in Thunderbird 12 and Seamonkey 2.9
@@ -61426,21 +61426,21 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2010-1990 (Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, ...)
- xulrunner <unfixed> (unimportant; bug #582590)
- - iceape <unfixed> (unimportant)
+ - iceape <removed> (unimportant)
NOTE: browser dos attacks are not considered security-relevant
CVE-2010-1989 (Opera 9.52 executes a mail application in situations where an IMG ...)
NOT-FOR-US: Opera
CVE-2010-1988 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
- xulrunner <unfixed> (unimportant)
- - iceape <unfixed> (unimportant)
+ - iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
CVE-2010-1987 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
- xulrunner <unfixed> (unimportant)
- - iceape <unfixed> (unimportant)
+ - iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
CVE-2010-1986 (Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to ...)
- xulrunner <unfixed> (unimportant)
- - iceape <unfixed> (unimportant)
+ - iceape <removed> (unimportant)
NOTE: these poc's do lead to heavy resource consumption on xulrunner 1.9.1.9, but it does not crash (that may be a windows-specific symptom)
CVE-2010-1985 (Multiple cross-site scripting (XSS) vulnerabilities in the ...)
NOT-FOR-US: Six Apart Movable type
@@ -66291,7 +66291,7 @@
[lenny] - icedove <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
- iceweasel 3.5.11-2
[lenny] - iceweasel <not-affected> (Iceweasel in Lenny links against xulrunner)
- - iceape <unfixed> (unimportant)
+ - iceape <removed> (unimportant)
[etch] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
[lenny] - iceape <not-affected> (dns prefetching implemented in xulrunner 1.9.1)
CVE-2005-4885 (Unspecified vulnerability on certain Sun StorEdge 6130 (SE6130) ...)
@@ -69952,7 +69952,7 @@
- ghostscript 8.71~dfsg-2 (unimportant; bug #560930)
- gs-gpl <removed> (unimportant)
- grmonitor <removed> (unimportant; bug #560931)
- - iceape <unfixed> (unimportant; bug #560932)
+ - iceape <removed> (unimportant; bug #560932)
- insighttoolkit 3.16.0-1 (unimportant; bug #560933)
- paraview 3.6.2-1 (unimportant; bug #560935)
- poco 1.3.6p1-1 (unimportant; bug #560936)
@@ -70434,7 +70434,7 @@
- ghostscript 8.71~dfsg-2 (unimportant; bug #560930)
- gs-gpl <removed> (unimportant)
- grmonitor <removed> (unimportant; bug #560931)
- - iceape <unfixed> (unimportant; bug #560932)
+ - iceape <removed> (unimportant; bug #560932)
- insighttoolkit 3.16.0-1 (unimportant; bug #560933)
- paraview 3.6.2-1 (unimportant; bug #560935)
- poco 1.3.6p1-1 (unimportant; bug #560936)
@@ -103840,7 +103840,7 @@
- mozilla-firefox <removed> (unimportant)
- mozilla <removed> (unimportant)
- iceweasel <unfixed> (unimportant)
- - iceape <unfixed> (unimportant)
+ - iceape <removed> (unimportant)
CVE-2007-4356 (Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-4355 (Buffer overflow in the at program on IBM AIX 5.3 allows local users to ...)
@@ -111966,7 +111966,7 @@
NOT-FOR-US: Google Desktop
CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...)
- iceweasel <unfixed> (unimportant; bug #556268)
- - iceape <unfixed> (unimportant)
+ - iceape <removed> (unimportant)
- epiphany-browser <unfixed> (unimportant; bug #556272)
NOTE: only epiphany-gecko backend affected
- galeon 2.0.7-2 (unimportant; bug #556270)
@@ -129899,7 +129899,7 @@
CVE-2006-0496 (Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and ...)
- iceweasel 3.0-1 (unimportant; bug #349339)
- mozilla-firefox <removed> (unimportant; bug #349339)
- - iceape <unfixed> (unimportant)
+ - iceape <removed> (unimportant)
- xulrunner <unfixed> (unimportant)
NOTE: This is not a direct vulnerability, but rather the lack of protection
NOTE: for shooting into own's own foot, so we should treat it as a security
More information about the Secure-testing-commits
mailing list