Author: jmm-guest Date: 2010-09-09 20:54:18 +0000 (Thu, 09 Sep 2010) New Revision: 15300 Modified: data/CVE/list Log: - older Mozilla rng seed issue CVEfied - record latest Mozilla updates for xulrunner (now provided by iceweasel source package) -> old entries still need to be rewritten to reflect the source name change - tiff crasher fixed in 3.9.4 - NFUs Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-09-09 20:05:47 UTC (rev 15299) +++ data/CVE/list 2010-09-09 20:54:18 UTC (rev 15300) @@ -232,27 +232,35 @@ CVE-2010-3169 [Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-3168 [XUL tree removal crash and remote code execution] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-3167 [Dangling pointer vulnerability in nsTreeContentView] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-3166 [Heap buffer overflow in nsTextFrameUtils::TransformText] RESERVED - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) [lenny] - xulrunner <not-affected> (Doesn''t affect Xulrunner 1.9.0 code base) - icedove <unfixed> [lenny] - icedove <not-affected> (Doesn''t affect Xulrunner 1.9.0 code base) @@ -1005,7 +1013,7 @@ CVE-2010-2875 (Integer signedness error in Adobe Shockwave Player before 11.5.8.612 ...) NOT-FOR-US: Adobe Shockwave Player CVE-2010-2874 (Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 ...) - TODO: check + NOT-FOR-US: Adobe Shockwave Player CVE-2010-2873 (Adobe Shockwave Player before 11.5.8.612 does not properly validate ...) NOT-FOR-US: Adobe Shockwave Player CVE-2010-2872 (Adobe Shockwave Player before 11.5.8.612 does not properly validate an ...) @@ -1197,7 +1205,6 @@ - linux-2.6 2.6.32-22 CVE-2010-2802 (Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 ...) - mantis <not-affected> (vulnerable code introduced in 1.2.x) - TODO: confirm 1.1.x is not affected NOTE: http://www.mantisbt.org/bugs/view.php?id=11952 CVE-2010-2801 (Integer signedness error in the Quantum decompressor in cabextract ...) {DSA-2087-1} @@ -1344,41 +1351,53 @@ CVE-2010-2769 [Copy-and-paste or drag-and-drop into designMode document allows XSS] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-2768 [UTF-7 XSS by overriding document charset using <object> type attribute] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-2767 [Dangling pointer vulnerability using DOM plugin array] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-2766 [Crash and remote code execution in normalizeDocument] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-2765 [Frameset integer overflow vulnerability] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) CVE-2010-2764 [Information leak via XMLHttpRequest statusText] RESERVED - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) [lenny] - xulrunner <not-affected> (Doesn''t affect Xulrunner 1.9.0 code base) - icedove <unfixed> [lenny] - icedove <not-affected> (Doesn''t affect Xulrunner 1.9.0 code base) @@ -1387,7 +1406,9 @@ CVE-2010-2763 [XSS using SJOW scripted function] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) @@ -1399,7 +1420,9 @@ CVE-2010-2760 [Dangling pointer vulnerability in nsTreeSelection] RESERVED {DSA-2106-1} - - xulrunner <unfixed> + - xulrunner <removed> + - iceweasel 3.5.12-1 + [lenny] - iceweasel <not-affected> (Lenny''s iceweasel uses Xulrunner from the xulrunner source pkg) - icedove <unfixed> - iceape 2.0.7-1 [lenny] - iceape <not-affected> (Only a stub package) @@ -1459,7 +1482,7 @@ CVE-2010-2740 RESERVED CVE-2010-2739 (Buffer overflow in the CreateDIBPalette function in win32k.sys in ...) - TODO: check + NOT-FOR-US: Windows CVE-2010-2738 RESERVED CVE-2010-2737 @@ -2105,7 +2128,7 @@ CVE-2010-2484 (The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent ...) - php5 5.3.3-1 (unimportant) CVE-2010-2483 (The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers ...) - - tiff <unfixed> (unimportant) + - tiff 3.9.4-1 (unimportant) CVE-2010-2482 (LibTIFF 3.9.4 and earlier does not properly handle an invalid ...) - tiff 3.9.4-1 (unimportant) CVE-2010-2481 (The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly ...) @@ -2550,7 +2573,7 @@ CVE-2009-4899 RESERVED CVE-2009-4898 (Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.2 ...) - TODO: check + NOT-FOR-US: TWiki CVE-2009-4897 (Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier ...) {DSA-2093-1} - ghostscript 8.70~dfsg-1 @@ -4668,7 +4691,7 @@ CVE-2010-1508 RESERVED CVE-2010-1507 (WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the ...) - TODO: check + NOT-FOR-US: YAST CVE-2010-1506 (The Google V8 bindings in Google Chrome before 4.1.249.1059 allow ...) - chromium-browser 5.0.375.29~r46008-1 - webkit <not-affected> (doesn''t use v8 bindings yet) @@ -17350,9 +17373,6 @@ CVE-2009-XXXX [predictable random number generator used in web browsers] - webkit <unfixed> (low; bug #532514) [lenny] - webkit <no-dsa> (Minor issue) - - xulrunner <unfixed> (low; bug #532516) - [lenny] - xulrunner <no-dsa> (Minor issue) - [etch] - xulrunner <no-dsa> (Minor issue) - kdebase <unfixed> (low; bug #532519) [lenny] - kdebase <no-dsa> (Minor issue) [etch] - kdebase <no-dsa> (Minor issue) @@ -24138,9 +24158,10 @@ CVE-2008-5914 (An unspecified function in the JavaScript implementation in Apple ...) NOT-FOR-US: Apple CVE-2008-5913 (The Math.random function in the JavaScript implementation in Mozilla ...) - - xulrunner 1.9.1.10-1 (unimportant; bug #559792) + - xulrunner 1.9.1.10-1 (unimportant; bug #559792; bug #532516) - iceape 2.0.5-1 (unimportant) [lenny] - iceape <not-affected> (Just a stub package) + - xulrunner <unfixed> (low) CVE-2008-5912 (An unspecified function in the JavaScript implementation in Microsoft ...) NOT-FOR-US: Microsoft CVE-2008-5911 (Multiple buffer overflows in RealNetworks Helix Server and Helix ...)