[Secure-testing-commits] r13242 - data

Michael Gilbert Sun, 08 Nov 2009 19:13:24 -0800

Author: gilbert-guest
Date: 2009-11-09 03:13:14 +0000 (Mon, 09 Nov 2009)
New Revision: 13242


Modified:
   data/embedded-code-copies
Log:
bugs for prototypejs (more to do: scriptaculous, lucene, horde3, but i'm tired; 
will get to it in the next few days)

Modified: data/embedded-code-copies
===================================================================
--- data/embedded-code-copies   2009-11-09 02:51:03 UTC (rev 13241)
+++ data/embedded-code-copies   2009-11-09 03:13:14 UTC (rev 13242)
@@ -643,63 +643,43 @@
 
 prototypejs
        - netbeans-ide 6.0.1+dfsg-2 (embed)
-       - auth2db <unfixed> (embed)
-       - webcit <unfixed> (embed)
+       - auth2db <unfixed> (embed; bug #555218)
+       - webcit <unfixed> (embed; bug #555219)
        - asterisk 1:1.6.2.0~rc3-1 (embed)
-       - doc-iana <unfixed> (embed)
-       - libaws <unfixed> (embed)
-       - libjson-ruby <unfixed> (embed)
-       - lucene2 <unfixed> (embed)
-       - solr <unfixed> (embed)
-       - glpi <unfixed> (embed)
-       - mnemo2 <unfixed> (embed)
-       - nag2 <unfixed> (embed)
-       - knowledgeroot <unfixed> (embed)
-       - mediatomb <unfixed> (embed)
+       - libjson-ruby <unfixed> (embed; bug #555224)
+       - lucene2 <unfixed> (embed; bug #555226)
+       - horde3 <unfixed> (embed)
+       - knowledgeroot <unfixed> (embed; bug #555230)
+       - mediatomb <unfixed> (embed; bug #555233)
        - mt-daapd 0.9~r1696.dfsg-6lenny2 (embed)
-       - op-panel <unfixed> (embed)
-       - ebug-http <unfixed> (embed)
+       - ebug-http <unfixed> (embed; bug #555236)
        - phpgedview <removed> (embed)
-       - poker-network <unfixed> (embed)
-       - webhelpers <unfixed> (embed)
-       - qwik <unfixed> (embed)
+       - poker-network <unfixed> (embed; bug #555238)
        - rails 2.1.0-6 (embed)
-       - typo3-src <unfixed> (embed)
-       - wordpress 2.5.0-2 (embed)
-       - zope <unfixed> (embed)
-       - smokeping 2.3.6-3 (embed)
+       - wordpress 2.5.0-2 (embed; bug #555243)
+       - zope <not-affected> (the prototypejs embed is not in any of the 
obvious zope packages, e.g. zope2.9, zope2.10, zope2.11, and zope3)
+       TODO: search through all of the other zope packages
        - ampache 3.4.1-2 (embed)
-       - exaile <unfixed> (embed)
-       - hobix <unfixed> (embed)
-       - pixelpost <unfixed> (embed)
-       - symfony <unfixed> (embed)
-       NOTE: it's been said that there are custom changes
-       - zabbix <unfixed> (embed)
-       - turba2 <unfixed> (embed)
-       - chora2 <unfixed> (embed)
-       - gollem <unfixed> (embed)
-       - jscropperui <unfixed> (embed)
-       - rt-extension-emailcompletion <unfixed> (embed)
-       - scriptaculous <unfixed> (embed)
-       - ingo1 <unfixed> (embed)
-       - kronolith2 <unfixed> (embed)
-       - libpdfbox-java <unfixed> (embed)
+       - exaile <unfixed> (embed; bug #555245)
+       - hobix <unfixed> (embed; bug #555247)
+       - zabbix <unfixed> (embed; bug #555250)
+       - chora2 <unfixed> (embed; bug #555253)
+       - gollem <unfixed> (embed; bug # 555254)
+       - jscropperui <unfixed> (embed; bug #555257)
+       - scriptaculous <unfixed> (embed; bug #555260)
+       - ingo1 <unfixed> (embed; bug #555261)
+       - kronolith2 <unfixed> (embed; bug #555262)
        - activeldap <unfixed> (embed)                  
-       - libfontbox-java <unfixed> (embed)
-       - libjempbox-java <unfixed> (embed)
-       - libv8 <unfixed> (embed)
-       - mantis <unfixed> (embed)
-       - otrs2 <unfixed> (embed)
-       - webcalendar <unfixed> (embed)
-       - redmine <unfixed> (embed)
-       - jifty <unfixed> (embed)
-       - jquery <unfixed> (embed)
-       - passenger <unfixed> (embed)
-       - plone3 <unfixed> (embed)
-       - pylucene <unfixed> (embed)
-       - request-tracker3.6 <unfixed> (embed)
-       - request-tracker3.8 <unfixed> (embed)
-       - wesnoth <unfixed> (embed)
+       - libv8 <not-affected> (contains a google-specific implementation of 
prototype.js)
+       - mantis <unfixed> (embed; bug #555265)
+       - otrs2 <unfixed> (embed; bug #555267)
+       - webcalendar <unfixed> (embed; bug #555269)
+       - redmine 0.9.0~svn2907-1 (embed; bug #555270)
+       - jifty <unfixed> (embed; bug #555271)
+       - jquery <unfixed> (embed; bug #555272)
+       - passenger <unfixed> (embed; bug #555273)
+       - plone3 <unfixed> (embed; bug #555275)
+       - wesnoth <unfixed> (embed; bug #555277)
        - xulrunner <unfixed> (embed)
        NOTE: included in iceweasel/xulrunner unit tests directory, so may not 
be security-relevant
 
@@ -775,22 +755,21 @@
        - glpi <unfixed> (embed)
        - moodle <unfixed> (embed; bug #505984)
 
-scriptaculous
+scriptaculous (prototype.js is among the embeds in the following)
        - glpi <unfixed> (embed)
-       - libaws <unfixed> (embed)
-       NOTE: libaws-doc
+       - libaws <unfixed> (embed; bug #555222)
        - op-panel <unfixed> (embed)
        - symfony <unfixed> (embed)
        NOTE: maintainer says there are extra incompatible changes required
        - pixelpost <unfixed> (embed)
        - webhelpers <unfixed> (embed)
-       NOTE: python-webhelpers
-       - qwik <unfixed> (embed)
+       - qwik <unfixed> (embed; bug #555241)
        - smokeping <unfixed> (embed)
        - turba2 <unfixed> (embed)
        - typo3-src 4.2.3-1 (embed)
        - request-tracker3.6 <unfixed> (embed)
        - request-tracker3.8 <unfixed> (embed)
+       - rt-extension-emailcompletion <unfixed> (embed)
 
 libmarkdown-php
        - moodle <unfixed> (embed; bug #507185)
@@ -915,9 +894,7 @@
        - zope-textindexng3 <unknown> (embed)
        - iceweasel <unknown> (embed)
        - xulrunner <unknown> (embed)
-       - wireshark <not-affected> (embed)
-       NOTE: python-ply modules are not installed into binary packages
-       NOTE: see #554613
+       - wireshark <not-affected> (python-ply modules are not installed into 
binary packages; see #554613)
 
 libdumbnet (libdnet upstream)
        - nmap <unfixed> (fork)
@@ -1095,8 +1072,7 @@
        - iceweasel <unknown> (embed)
        - sabnzbdplus <unknown> (embed)
        - xulrunner <unknown> (embed)
-       - nipy <not-affected> (embed) 
[./examples/neurospin/neurospy/configobj.py]
-       NOTE: part of an example, which is not installed into binary packages
+       - nipy <not-affected> (part of an example 
[/examples/neurospin/neurospy/configobj.py], which is not installed into binary 
packages)
 
 python-clientform
        - bibus <unfixed> (embed)
@@ -1277,7 +1253,7 @@
        NOTE: be dangerous if developers are naively basing their code off of 
the examples
        NOTE: prototype.js is among the example files
 
-lucene2
+lucene2 (prototype.js is among the embeds in the following)
        - lucene <unfixed> (old-version)
        - pylucene <unfixed> (embed)
        - libpdfbox-java <unfixed> (embed)
@@ -1346,3 +1322,7 @@
        - convirt <unfixed> (embed)
        - pida <unfixed> (embed)
        - rednotebook <unfixed> (embed)
+
+horde3 (prototype.js is among the embeds in the following)
+       - mnemo2 <unfixed> (embed)
+       - nag2 <unfixed> (embed)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r13242 - data

Reply via email to