Secure testing commits - Aug 2006 - r4614 - data/CVE

Author: jmm-guest
Date: 2006-08-23 17:29:54 +0000 (Wed, 23 Aug 2006)
New Revision: 4614

Modified:
   data/CVE/list
Log:
more not-affected mozilla issues


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-08-22 22:59:03 UTC (rev 4613)
+++ data/CVE/list	2006-08-23 17:29:54 UTC (rev 4614)
@@ -359,7 +359,7 @@
 CVE-2006-4111 (Ruby on Rails before 1.1.5 allows remote attackers to execute
Ruby ...)
 	- rails 1.1.5-1 (bug #382255; medium)
 CVE-2006-4110 (Apache 2.2.2, when running on Windows, allows remote attackers
to read ...)
-	NOT-FOR-US: Apache on Windows only
+	- apache2 <not-affected> (Affects Apache on Windows only)
 CVE-2006-4109 (Cross-site scripting (XSS) vulnerability in Bibliography ...)
 	TODO: check
 CVE-2006-4108 (SQL injection vulnerability in Bibliography (biblio.module) 4.6
before ...)
@@ -1010,12 +1010,13 @@
 	TODO: check
 CVE-2006-3812 (Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and
...)
 	NOTE: MFSA-2006-56
+	[sarge] - mozilla <not-affected>
 	- mozilla <unfixed> (medium)
 	- xulrunner 1.8.0.5-1 (medium)
-	- mozilla-firefox <removed> (medium)
+	[sarge] - mozilla-firefox <not-affected> (Only Firefox 1.5 is affected)
 	- firefox 1.5.dfsg+1.5.0.5-1 (medium)
 	- thunderbird <unfixed> (unimportant)
-	- mozilla-thunderbird <removed> (unimportant)
+	[sarge]- mozilla-thunderbird <not-affected> (unimportant)
 CVE-2006-3811 (Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, ...)
 	NOTE: MFSA-2006-55
 	- mozilla <unfixed> (high)
@@ -1073,9 +1074,11 @@
 	- mozilla-thunderbird <removed> (medium)
 CVE-2006-3804 (Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5
and ...)
 	NOTE: MFSA-2006-49
+	- mozilla-firefox <not-affected> (only firefox >= 1.5)
+	[sarge] - mozilla <not-affected> (mozilla 1.7 not affected)
 	- mozilla <unfixed> (high)
 	- thunderbird 1.5.0.5-1 (high)
-	- mozilla-thunderbird <removed> (high)
+	- mozilla-thunderbird <not-affected> (high)
 CVE-2006-3803 (Race condition in the JavaScript garbage collection in Mozilla
Firefox ...)
 	NOTE: MFSA-2006-48
 	- mozilla <not-affected> (mozilla 1.7 not affected)