Author: stef-guest Date: 2006-04-22 10:58:06 +0000 (Sat, 22 Apr 2006) New Revision: 3848 Modified: data/CVE/list Log: firefox fixed Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-04-22 10:42:44 UTC (rev 3847) +++ data/CVE/list 2006-04-22 10:58:06 UTC (rev 3848) @@ -558,7 +558,7 @@ - thunderbird <unfixed> (low) - mozilla-thunderbird <unfixed> (low) CVE-2006-1730 (Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 ...) - - firefox <unfixed> (high) + - firefox 1.5.dfsg+1.5.0.2-1 (high) - mozilla-firefox <unfixed> (high) - mozilla-browser <unfixed> (high) - thunderbird <unfixed> (medium) @@ -566,18 +566,18 @@ NOTE: MFSA2006-22 says that it is not clear whether Thunderbird is NOTE: exploitable in the default configuration. CVE-2006-1729 (Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla ...) - - firefox <unfixed> (medium) + - firefox 1.5.dfsg+1.5.0.2-1 (medium) - mozilla-firefox <unfixed> (medium) - mozilla-browser <unfixed> (medium) NOTE: Can likely be used to steal OpenSSH keys and the like. CVE-2006-1728 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x ...) - - firefox <unfixed> (high) + - firefox 1.5.dfsg+1.5.0.2-1 (high) - mozilla-firefox <unfixed> (high) - mozilla-browser <unfixed> (high) - thunderbird <unfixed> (medium) - mozilla-thunderbird <unfixed> (medium) CVE-2006-1727 (Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x ...) - - firefox <unfixed> (medium) + - firefox 1.5.dfsg+1.5.0.2-1 (medium) - mozilla-firefox <unfixed> (medium) - mozilla-browser <unfixed> (medium) - thunderbird <unfixed> (medium) @@ -585,14 +585,14 @@ NOTE: If print preview (and this bug) can be triggered from JavaScript, NOTE: the urgency should probably be raised. CVE-2006-1726 (Unspecified vulnerability in Firefox and Thunderbird 1.5 before ...) - - firefox <unfixed> (high) + - firefox 1.5.dfsg+1.5.0.2-1 (high) - thunderbird <unfixed> (medium) NOTE: New bug in Firefox 1.5. CVE-2006-1725 (Mozilla Firefox 1.5 before 1.5.0.2 and SeaMonkey before 1.0.1 causes ...) - - firefox <unfixed> (low) + - firefox 1.5.dfsg+1.5.0.2-1 (low) NOTE: New bug in Firefox 1.5. CVE-2006-1724 (Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, ...) - - firefox <unfixed> (medium) + - firefox 1.5.dfsg+1.5.0.2-1 (medium) - mozilla-firefox <unfixed> (medium) - mozilla-browser <unfixed> (medium) - thunderbird <unfixed> (low) @@ -2212,6 +2212,7 @@ - monopd <unfixed> (bug #355797) CVE-2006-1045 (The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block ...) - mozilla-thunderbird <unfixed> (low) + - firefox 1.5.dfsg+1.5.0.2-1 CVE-2006-1044 (Multiple buffer overflows in LISTSERV 14.3 and 14.4, including ...) NOT-FOR-US: LISTSERV CVE-2006-1043 (Stack-based buffer overflow in Microsoft Visual Studio 6.0 and ...) @@ -2551,6 +2552,7 @@ NOT-FOR-US: CuteNews CVE-2006-0884 (The WYSIWYG rendering engine in Mozilla Thunderbird 1.0.7 and earlier ...) - mozilla-thunderbird <unfixed> + - firefox 1.5.dfsg+1.5.0.2-1 CVE-2003-1295 (Unspecified vulnerability in xscreensaver 4.12, and possibly other ...) - xscreensaver 4.21-1 NOTE: Might be fixed earlier, but I''ve verified that the SuSE patch is included @@ -2843,7 +2845,7 @@ - thunderbird <unfixed> (low) - mozilla-thunderbird <unfixed> (low) CVE-2006-0748 (Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before ...) - - firefox <unfixed> (high) + - firefox 1.5.dfsg+1.5.0.2-1 (high) - mozilla-firefox <unfixed> (high) - mozilla-browser <unfixed> (high) - thunderbird <unfixed> (high) @@ -15718,6 +15720,7 @@ - freeradius 1.0.2-4 CVE-2005-2353 (run-mozilla.sh in Thunderbird, with debugging enabled, allows local ...) - mozilla-thunderbird 1.0.6-1 (bug #306893; low) + - firefox 1.5.dfsg+1.5.0.2-1 CVE-2005-XXXX [Directory traversal in unzoo] - unzoo 4.4-4 CVE-2005-XXXX [Logging bypassing through SIGHUP in syslog-ng]