Secure testing commits - Dec 2008 - r10814 - data/CVE

Author: jmm-guest
Date: 2008-12-28 20:02:59 +0000 (Sun, 28 Dec 2008)
New Revision: 10814

Modified:
   data/CVE/list
Log:
- record iceweasel fixes
- mibs-installer no-dsa


Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-12-28 14:07:06 UTC (rev 10813)
+++ data/CVE/list	2008-12-28 20:02:59 UTC (rev 10814)
@@ -488,59 +488,59 @@
 CVE-2008-5514 (Off-by-one error in the rfc822_output_char function in the ...)
 	TODO: check
 CVE-2008-5513 (Unspecified vulnerability in the session-restore feature in
Mozilla ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 CVE-2008-5512 (Multiple unspecified vulnerabilities in Mozilla Firefox 3.x
before ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- xulrunner <unfixed>
 CVE-2008-5511 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19,
Thunderbird ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- xulrunner <unfixed>
 CVE-2008-5510 (The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x
before ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- xulrunner <unfixed>
 CVE-2008-5509
 	RESERVED
 CVE-2008-5508 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19,
Thunderbird ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- xulrunner <unfixed>
 CVE-2008-5507 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19,
Thunderbird ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- xulrunner <unfixed>
 CVE-2008-5506 (Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19,
Thunderbird ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- xulrunner <unfixed>
 CVE-2008-5505 (Mozilla Firefox 3.x before 3.0.5 allows remote attackers to
bypass ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 CVE-2008-5504 (Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to
run ...)
 	TODO: check
 CVE-2008-5503 (The loadBindingDocument function in Mozilla Firefox 2.x before
...)
 	TODO: check
 CVE-2008-5502 (The layout engine in Mozilla Firefox 3.x before 3.0.5,
Thunderbird 2.x ...)
-	- iceweasel 3.0
-	NOTE: Firefox 3 not affected
+	- iceweasel 3.0.5-1
+        [etch] - iceweasel <not-affected> (Firefox 2.x not affected)
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 	- icedove 2.0.0.16-1
 CVE-2008-5501 (The layout engine in Mozilla Firefox 3.x before 3.0.5,
Thunderbird 2.x ...)
-	- iceweasel 3.0
-	NOTE: Firefox 3 not affected
+	- iceweasel 3.0.5-1
+        [etch] - iceweasel <not-affected> (Firefox 2.x not affected)
 	- iceape 1.1.10-1
 	- xulrunner 1.9.0.1-1
 	- icedove 2.0.0.16-1
 CVE-2008-5500 (The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x
before ...)
-	- iceweasel <unfixed>
+	- iceweasel 3.0.5-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- xulrunner <unfixed>
@@ -807,6 +807,7 @@
 	[etch] - gpsdrive <unfixed> (low; bug #508595)
 CVE-2008-5379 (netdisco-mibs-installer 1.0 allows local users to overwrite
arbitrary ...)
 	- netdisco-mibs-installer (low; bug #508940)
+	[lenny] - netdisco-mibs-installer <no-dsa> (Contrib not supported)
 CVE-2008-5378 (arb-kill in arb 0.0.20071207.1 allows local users to overwrite
...)
 	- arb <unfixed> (low; bug #508942)
 CVE-2008-5377 (pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary
files ...)