Secure testing commits - Apr 2005 - r855 - sarge-checks/CAN

Author: jmm-guest
Date: 2005-04-19 09:55:03 +0000 (Tue, 19 Apr 2005)
New Revision: 855

Modified:
   sarge-checks/CAN/list
Log:
CANify lates Firefox and Mozilla vulnerabilities.


Modified: sarge-checks/CAN/list
==================================================================---
sarge-checks/CAN/list	2005-04-19 09:14:20 UTC (rev 854)
+++ sarge-checks/CAN/list	2005-04-19 09:55:03 UTC (rev 855)
@@ -25,21 +25,29 @@
 CAN-2005-1161 (Multiple SQL injection vulnerabilities in OneWorldStore allow
remote ...)
 	TODO: check
 CAN-2005-1160 (The privileged "chrome" UI code in Firefox
before 1.0.3 and Mozilla ...)
-	TODO: check
+	- mozilla-firefox 1.0.3-1
+	- mozilla 1.7.7-1
 CAN-2005-1159 (The native implementations of InstallTrigger and other functions
in ...)
-	TODO: check
+	- mozilla-firefox 1.0.3-1
+	- mozilla 1.7.7-1
 CAN-2005-1158 (Multiple "missing security checks" in Firefox
before 1.0.3 allow ...)
-	TODO: check
+	- mozilla-firefox 1.0.3-1
 CAN-2005-1157 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows
remote ...)
-	TODO: check
+	- mozilla-firefox 1.0.3-1
+	- mozilla 1.7.7-1
 CAN-2005-1156 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows
remote ...)
-	TODO: check
+	- mozilla-firefox 1.0.3-1
+	- mozilla 1.7.7-1
 CAN-2005-1155 (The favicon functionality in Firefox before 1.0.3 and Mozilla
Suite ...)
+	- mozilla-firefox 1.0.3-1
+	- mozilla 1.7.7-1
 	TODO: check
 CAN-2005-1154 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows
remote ...)
-	TODO: check
+	- mozilla-firefox 1.0.3-1
+	- mozilla 1.7.7-1
 CAN-2005-1153 (Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when
blocking a ...)
-	TODO: check
+	- mozilla-firefox 1.0.3-1
+	- mozilla 1.7.7-1
 CAN-2005-1152
 	NOTE: reserved
 CAN-2005-1151
@@ -138,10 +146,6 @@
 	NOTE: not-for-us (Junkbuster)
 CAN-2005-1107 (McAfee Internet Security Suite 2005 uses insecure default ACLs
for ...)
 	TODO: check
-CAN-2005-XXXX [Multiple further vulnerabilities in Mozilla/Firefox beside
CAN-2005-0989]
-	NOTE: Mozilla suite is not affected by all of these issues
-	- mozilla-firefox 1.0.3-1
-	- mozilla 1.7.7-1
 CAN-2005-XXXX [Remote DoS vulnerabilities in postgrey]
 	- postgrey 1.21-1
 CAN-2005-1106 (PictureViewer in QuickTime for Windows 6.5.2 allows remote
attackers ...)