Author: derevko-guest Date: 2009-06-14 13:18:19 +0000 (Sun, 14 Jun 2009) New Revision: 12122 Modified: data/CVE/list Log: xulrunner 1.9.0.11-1 uploaded in unstable Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-06-14 07:12:37 UTC (rev 12121) +++ data/CVE/list 2009-06-14 13:18:19 UTC (rev 12122) @@ -470,50 +470,50 @@ [etch] - strongswan <not-affected> (Vulnerable code not present, IKEv2 was introduced in 4.3) CVE-2009-1841 [JavaScript chrome privilege escalation] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1840 [XUL scripts bypass content-policy checks] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1839 [ Incorrect principal set for file: resources loaded via location bar] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1838 [Arbitrary code execution using event listeners attached to an element whose owner document is null] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1837 [ Race condition while accessing the private data of a NPObject JS wrapper class object] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 [etch] - xulrunner <not-affected> (Doesn''t affect Gecko 1.8) CVE-2009-1836 [ SSL tampering via non-200 responses to proxy CONNECT requests] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1835 [Arbitrary domain cookie access by local file: resources] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1834 [URL spoofing with invalid unicode characters] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1833 [Crashes with evidence of memory corruption] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1832 [Crashes with evidence of memory corruption] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1828 (Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of ...) @@ -1652,7 +1652,7 @@ RESERVED CVE-2009-1392 [Crashes with evidence of memory corruption] RESERVED - - xulrunner <unfixed> + - xulrunner 1.9.0.11-1 - icedove <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-1391 [Compress::Raw::Zlib buffer overflow]