Author: joeyh
Date: 2011-09-29 21:14:22 +0000 (Thu, 29 Sep 2011)
New Revision: 17334
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2011-09-29 20:26:28 UTC (rev 17333)
+++ data/CVE/list 2011-09-29 21:14:22 UTC (rev 17334)
@@ -1,3 +1,7 @@
+CVE-2011-3867 (Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows
remote ...)
+ TODO: check
+CVE-2011-3866 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not
properly ...)
+ TODO: check
CVE-2011-3865 (Cross-site scripting (XSS) vulnerability in the
Black-LetterHead theme ...)
TODO: check
CVE-2011-3864 (Cross-site scripting (XSS) vulnerability in the The Erudite
theme ...)
@@ -769,8 +773,8 @@
RESERVED
CVE-2011-3505
RESERVED
-CVE-2011-3504
- RESERVED
+CVE-2011-3504 (The Matroska format decoder in FFmpeg before 0.8.3 does not
properly ...)
+ TODO: check
CVE-2011-3503 (Untrusted search path vulnerability in eSignal 10.6.2425.1208,
and ...)
TODO: check
CVE-2011-3502 (The web server in Cogent DataHub 7.1.1.63 and earlier allows
remote ...)
@@ -1456,8 +1460,7 @@
NOTE: http://trac.webkit.org/changeset/92132
CVE-2011-3233
RESERVED
-CVE-2011-3232
- RESERVED
+CVE-2011-3232 (YARR, as used in Mozilla Firefox before 7.0, Thunderbird before
7.0, ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
@@ -2014,51 +2017,46 @@
NOT-FOR-US: McAfee SaaS
CVE-2011-3006 (The MyAsUtil ActiveX control in MyAsUtil5.2.0.603.dll in McAfee
SaaS ...)
NOT-FOR-US: McAfee SaaS
-CVE-2011-3005
- RESERVED
+CVE-2011-3005 (Use-after-free vulnerability in Mozilla Firefox 4.x through 6,
...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3004
- RESERVED
+CVE-2011-3004 (The JSSubScriptLoader in Mozilla Firefox 4.x through 6 and
SeaMonkey ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3003
- RESERVED
+CVE-2011-3003 (Mozilla Firefox before 7.0 and SeaMonkey before 2.4 allow
remote ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3002
- RESERVED
+CVE-2011-3002 (Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla
...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3001
- RESERVED
+CVE-2011-3001 (Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and
SeaMonkey ...)
- xulrunner <not-affected> (Only affects Firefox >= 4)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox >= 4)
[squeeze] - iceweasel <not-affected> (Only affects Firefox >= 4)
- iceape <not-affected> (Only affects Firefox >= 4)
-CVE-2011-3000
- RESERVED
+CVE-2011-3000 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird
before ...)
+ {DSA-2313-1 DSA-2312-1}
- icedove <unfixed>
- xulrunner <removed>
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Lenny's iceweasel uses Xulrunner
from the xulrunner source pkg)
- iceape 2.0.14-8
[lenny] - iceape <not-affected> (Only a stub package)
-CVE-2011-2999
- RESERVED
+CVE-2011-2999 (Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird
before ...)
+ {DSA-2313-1 DSA-2312-1}
- icedove <unfixed>
- xulrunner <removed>
- iceweasel 7.0-1
@@ -2067,6 +2065,7 @@
[lenny] - iceape <not-affected> (Only a stub package)
CVE-2011-2998 [http://www.mozilla.org/security/announce/2011/mfsa2011-37.html]
RESERVED
+ {DSA-2313-1 DSA-2312-1}
- icedove <unfixed>
- xulrunner <removed>
- iceweasel 7.0-1
@@ -2074,21 +2073,19 @@
- iceape 2.0.14-8
[lenny] - iceape <not-affected> (Only a stub package)
NOTE: Only affects firefox 3.6 code base, not 4.0 oder later
-CVE-2011-2997
- RESERVED
+CVE-2011-2997 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
- xulrunner <not-affected> (Only affects Firefox 6)
- iceweasel 7.0-1
[lenny] - iceweasel <not-affected> (Only affects Firefox 6)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 6)
- iceape <not-affected> (Only affects Firefox 6)
-CVE-2011-2996
- RESERVED
+CVE-2011-2996 (Unspecified vulnerability in the plugin API in Mozilla Firefox
3.6.x ...)
- icedove <not-affected> (Only affects MacOS)
- xulrunner <not-affected> (Only affects MacOS)
- iceweasel <not-affected> (Only affects MacOS)
- iceape <not-affected> (Only affects MacOS)
-CVE-2011-2995
- RESERVED
+CVE-2011-2995 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
+ {DSA-2313-1 DSA-2312-1}
- icedove <unfixed>
- xulrunner <removed>
- iceweasel 7.0-1
@@ -3826,8 +3823,8 @@
- iceape 2.0.14-3
[lenny] - iceape <not-affected> (Only a stub package)
- icedove 3.1.11-1
-CVE-2011-2372
- RESERVED
+CVE-2011-2372 (Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird
before ...)
+ {DSA-2313-1 DSA-2312-1}
- icedove <unfixed>
- xulrunner <removed>
- iceweasel 7.0-1
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
