Florian Weimer
2005-Sep-23 10:47 UTC
[Secure-testing-commits] r2129 - in data: CAN CVE DSA
Author: fw
Date: 2005-09-23 10:47:08 +0000 (Fri, 23 Sep 2005)
New Revision: 2129
Modified:
data/CAN/list
data/CVE/list
data/DSA/list
Log:
Add more epochs to mozilla, mozilla-browser versions.
Modified: data/CAN/list
==================================================================---
data/CAN/list 2005-09-23 10:35:53 UTC (rev 2128)
+++ data/CAN/list 2005-09-23 10:47:08 UTC (rev 2129)
@@ -12244,33 +12244,33 @@
NOTE: rejected
CAN-2004-0909 (Mozilla Firefox before the Preview Release, Mozilla before
1.7.3, and ...)
- mozilla-firefox 0.10.1+1.0PR
- - mozilla 1.7.3
+ - mozilla 2:1.7.3
- mozilla-thunderbird 0.8
CAN-2004-0908 (Mozilla Firefox before the Preview Release, Mozilla before
1.7.3, and ...)
- mozilla-firefox 0.10.1+1.0PR
- - mozilla 1.7.3
+ - mozilla 2:1.7.3
- mozilla-thunderbird 0.8
CAN-2004-0907 (The Linux install .tar.gz archives for Mozilla Firefox before
the ...)
NOTE: not-for-us (non-debian package issue)
CAN-2004-0906 (The XPInstall installer in Mozilla Firefox before the Preview
Release, ...)
- mozilla-firefox 0.10.1+1.0PR
- - mozilla 1.7.3
+ - mozilla 2:1.7.3
- mozilla-thunderbird 0.8
CAN-2004-0905 (Mozilla Firefox before the Preview Release, Mozilla before
1.7.3, and ...)
- mozilla-firefox 0.10.1+1.0PR
- - mozilla 1.7.3
+ - mozilla 2:1.7.3
- mozilla-thunderbird 0.8
CAN-2004-0904 (Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox
...)
- mozilla-firefox 0.10.1+1.0PR
- - mozilla 1.7.3
+ - mozilla 2:1.7.3
- mozilla-thunderbird 0.8
CAN-2004-0903 (Stack-based buffer overflow in the writeGroup function in ...)
- mozilla-firefox 0.10.1+1.0PR
- - mozilla 1.7.3
+ - mozilla 2:1.7.3
- mozilla-thunderbird 0.8
CAN-2004-0902 (Multiple heap-based buffer overflows in Mozilla Firefox before
the ...)
- mozilla-firefox 0.10.1+1.0PR
- - mozilla 1.7.3
+ - mozilla 2:1.7.3
- mozilla-thunderbird 0.8
CAN-2004-0901 (Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used
in ...)
NOTE: not-for-us (Microsoft)
@@ -12547,7 +12547,7 @@
CAN-2004-0780
NOTE: reserved
CAN-2004-0779 (The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web
browsers ...)
- - mozilla 1.7
+ - mozilla 2:1.7
- mozilla-firefox 0.9
CAN-2004-0778 (CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows
remote ...)
- cvs 1.12.9
@@ -15610,7 +15610,9 @@
NOTE: mutt and balsa might still be vulnerable
NOTE: but it''s only a crasher
CAN-2003-0298 (The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious
IMAP ...)
- - mozilla 1.4b
+ - mozilla 2:1.5-1
+ NOTE: May have been fixed in an earlier version. Not clear how
+ NOTE: Mozilla''s a/b versions map to the Debian version.
CAN-2003-0297 (c-client IMAP Client, as used in imap-2002b and Pine 4.53,
allows ...)
- uw-imap 7:2002c
NOTE: did not check pine
Modified: data/CVE/list
==================================================================---
data/CVE/list 2005-09-23 10:35:53 UTC (rev 2128)
+++ data/CVE/list 2005-09-23 10:47:08 UTC (rev 2129)
@@ -39,7 +39,7 @@
CVE-2004-0193
NOTE: not-for-us (realsecure/blackice)
CVE-2004-0191
- - mozilla-browser 1.7.3
+ - mozilla-browser 2:1.7.3
TODO: test
CVE-2004-0190
NOTE: not-for-us (symantec)
@@ -830,7 +830,7 @@
CVE-2002-1132
{DSA-191}
CVE-2002-1126
- - mozilla 1.2
+ - mozilla 2:1.2
CVE-2002-1123
NOTE: not-for-us (Microsoft)
CVE-2002-1122
@@ -878,7 +878,7 @@
CVE-2002-1092
NOTE: not-for-us (Cisco)
CVE-2002-1091
- - mozilla 1.0.2
+ - mozilla 2:1.0.2
CVE-2002-1088
NOTE: not-for-us (Novell GroupWise)
CVE-2002-1081
Modified: data/DSA/list
==================================================================---
data/DSA/list 2005-09-23 10:35:53 UTC (rev 2128)
+++ data/DSA/list 2005-09-23 10:47:08 UTC (rev 2129)
@@ -180,7 +180,7 @@
NOTE: not fixed in testing at time of DSA (nor unstable)
[17 Aug 2005] DSA-777-1 mozilla - frame injection spoofing
{CAN-2004-0718 CAN-2005-1937}
- - mozilla-browser 1.7.10-1 (medium)
+ - mozilla-browser 2:1.7.10-1 (medium)
NOTE: not fixed in testing at time of DSA (waiting on builds)
[16 Aug 2005] DSA-776-1 clamav - integer overflows, infinite loop
{CAN-2005-2450}