Author: corsac Date: 2012-07-05 06:17:39 +0000 (Thu, 05 Jul 2012) New Revision: 19666 Modified: data/CVE/list Log: remove bugzilla check, squeeze does indeed seem vulnerable Modified: data/CVE/list ==================================================================--- data/CVE/list 2012-07-05 06:09:20 UTC (rev 19665) +++ data/CVE/list 2012-07-05 06:17:39 UTC (rev 19666) @@ -8105,7 +8105,8 @@ - iceweasel <not-affected> (Only affects Firefox on Windows) CVE-2012-0453 (Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in ...) - bugzilla <removed> - TODO: check + NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=725663 + NOTE: upstream bug only talks about 4.x but afaict the vulnerable code already exists in 3.x CVE-2012-0452 (Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, ...) - icedove <not-affected> (Introduced in Thunderbird 10) - iceweasel 10.0.1-1