[Secure-testing-commits] r15509 - data/CVE

Moritz Muehlenhoff Sat, 23 Oct 2010 08:25:04 -0700

Author: jmm-guest
Date: 2010-10-23 15:24:33 +0000 (Sat, 23 Oct 2010)
New Revision: 15509


Modified:
   data/CVE/list
Log:
new libsmi issue
new mozilla issues
add mcabber issue discovred by Silvio


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2010-10-23 12:36:29 UTC (rev 15508)
+++ data/CVE/list       2010-10-23 15:24:33 UTC (rev 15509)
@@ -2151,25 +2151,54 @@
 CVE-2010-3184
        RESERVED
 CVE-2010-3183 (The LookupGetterOrSetter function in Mozilla Firefox before 
3.5.14 and ...)
+       - xulrunner <removed>
+       - iceweasel 3.5.14-1
+       [lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
+       - iceape 2.0.9-1
+       [lenny] - iceape <not-affected> (Only a stub package)
        [lenny] - xulrunner <not-affected> (bug in optimization added later)
 CVE-2010-3182 (A certain application-launch script in Mozilla Firefox before 
3.5.14 ...)
        TODO: check
 CVE-2010-3181 (Untrusted search path vulnerability in Mozilla Firefox before 
3.5.14 ...)
        TODO: check
 CVE-2010-3180 (Use-after-free vulnerability in the nsBarProp function in 
Mozilla ...)
-       TODO: check
+       - xulrunner <removed>
+       - iceweasel 3.5.14-1
+       [lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
+       - iceape 2.0.9-1
+       [lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3179 (Stack-based buffer overflow in the text-rendering functionality 
in ...)
-       TODO: check
+       - xulrunner <removed>
+       - iceweasel 3.5.14-1
+       [lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
+       - iceape 2.0.9-1
+       [lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3178 (Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, 
Thunderbird ...)
-       TODO: check
+       - xulrunner <removed>
+       - iceweasel 3.5.14-1
+       [lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
+       - iceape 2.0.9-1
+       [lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3177 (Multiple cross-site scripting (XSS) vulnerabilities in the 
Gopher ...)
-       TODO: check
+       - xulrunner <removed>
+       - iceweasel 3.5.14-1
+       [lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
+       - iceape 2.0.9-1
+       [lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3176 (Multiple unspecified vulnerabilities in the browser engine in 
Mozilla ...)
-       TODO: check
+       - xulrunner <removed>
+       - iceweasel 3.5.14-1
+       [lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
+       - iceape 2.0.9-1
+       [lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3175 (Multiple unspecified vulnerabilities in the browser engine in 
Mozilla ...)
        TODO: check
 CVE-2010-3174 (Unspecified vulnerability in the browser engine in Mozilla 
Firefox ...)
-       TODO: check
+       - xulrunner <removed>
+       - iceweasel 3.5.14-1
+       [lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner 
from the xulrunner source pkg)
+       - iceape 2.0.9-1
+       [lenny] - iceape <not-affected> (Only a stub package)
 CVE-2010-3173 (The SSL implementation in Mozilla Firefox before 3.5.14 and 
3.6.x ...)
        TODO: check
 CVE-2010-3172
@@ -2919,6 +2948,7 @@
        RESERVED
 CVE-2010-2891
        RESERVED
+       - libsmi 0.4.8+dfsg2-3
 CVE-2010-2890 (Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 
on ...)
        NOT-FOR-US: Adobe Reader and Acrobat
 CVE-2010-2889 (Unspecified vulnerability in Adobe Reader and Acrobat 9.x 
before 9.4, ...)
@@ -13699,6 +13729,7 @@
 CVE-2009-3720 (The updatePosition function in lib/xmltok_impl.c in libexpat in 
Expat ...)
        {DSA-1977-1 DSA-1921-1}
        - expat 2.0.1-5 (low; bug #551936)
+       - mcabber <unfixed> (low; bug #601053)
        - w3c-libwww <removed> (low; bug #551938)
        [etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
        - python-xml <removed> (low; bug #560951)
@@ -14178,6 +14209,7 @@
 CVE-2009-3560 (The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 
2.0.1, ...)
        {DSA-1977-1 DSA-1953-2 DSA-1953-1}
        - expat 2.0.1-6 (low; bug #560901)
+       - mcabber <unfixed> (low; bug #601053)
        - w3c-libwww <removed>
        [etch] - w3c-libwww <no-dsa> (Minor issue, only used by fringe apps)
        - python-xml <removed> (low; bug #560951)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r15509 - data/CVE

Reply via email to