Secure testing commits - Mar 2012 - r18671 - data/CVE

Author: jmm
Date: 2012-03-14 11:01:50 +0000 (Wed, 14 Mar 2012)
New Revision: 18671

Modified:
   data/CVE/list
Log:
new mozilla issues


Modified: data/CVE/list
==================================================================---
data/CVE/list	2012-03-14 07:13:26 UTC (rev 18670)
+++ data/CVE/list	2012-03-14 11:01:50 UTC (rev 18671)
@@ -2759,26 +2759,63 @@
 	RESERVED
 CVE-2012-0464
 	RESERVED
+	- icedove <unfixed>
+	- iceweasel <unfixed>
+	- iceape <unfixed>
 CVE-2012-0463
 	RESERVED
+	- iceweasel <not-affected> (Only affects Firefox Mobile on Android)
 CVE-2012-0462
 	RESERVED
+	- icedove <unfixed>
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	- iceweasel <unfixed>
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
+	- iceape <unfixed>
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-0461
 	RESERVED
+	- icedove <unfixed>
+	- iceweasel <unfixed>
+	- iceape <unfixed>
 CVE-2012-0460
 	RESERVED
+	- icedove <unfixed>
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	- iceweasel <unfixed>
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
+	- iceape <unfixed>
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-0459
 	RESERVED
+	- icedove <unfixed>
+	[squeeze] - icedove <not-affected> (Vulnerable code not present)
+	- iceweasel <unfixed>
+	[squeeze] - iceweasel <not-affected> (Vulnerable code not present)
+	- iceape <unfixed>
+	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-0458
 	RESERVED
+	- icedove <unfixed>
+	- iceweasel <unfixed>
+	- iceape <unfixed>
 CVE-2012-0457
 	RESERVED
+	- icedove <unfixed>
+	- iceweasel <unfixed>
+	- iceape <unfixed>
 CVE-2012-0456
 	RESERVED
+	- icedove <unfixed>
+	- iceweasel <unfixed>
+	- iceape <unfixed>
 CVE-2012-0455
 	RESERVED
+	- icedove <unfixed>
+	- iceweasel <unfixed>
+	- iceape <unfixed>
 CVE-2012-0454
-	RESERVED
+	- iceweasel <not-affected> (Only affects Firefox on Windows)
 CVE-2012-0453 (Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in
...)
 	- bugzilla <removed>
 	TODO: check
@@ -2789,6 +2826,12 @@
 	- iceape <not-affected> (Vulnerable version never uploaded to the
archive)
 CVE-2012-0451
 	RESERVED
+	- icedove <unfixed>
+	[squeeze] - icedove <not-affected> (CSP introduced in Thunderbird 3.3)
+	- iceweasel <unfixed>
+	[squeeze] - iceweasel <not-affected> (CSP introduced in Firefox 4)
+	- iceape <unfixed>
+	[squeeze] - iceape <not-affected> (CSP introduced in Seamonkey 2.1)
 CVE-2012-0450 (Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on
Linux and ...)
 	- icedove <unfixed>
 	- xulrunner <not-affected> (Only affects Firefox >= 4)