Secure testing commits - Nov 2006 - r4985 - data/CVE

Author: stef-guest
Date: 2006-11-20 21:29:14 +0100 (Mon, 20 Nov 2006)
New Revision: 4985

Modified:
   data/CVE/list
Log:
- proftpd fixed
- xulrunner fixed


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-11-20 14:52:28 UTC (rev 4984)
+++ data/CVE/list	2006-11-20 20:29:14 UTC (rev 4985)
@@ -327,10 +327,8 @@
 CVE-2006-5816 (Multiple PHP remote file inclusion vulnerabilities in Dmitry
Sheiko ...)
 	NOT-FOR-US: Business Card Web Builder
 CVE-2006-5815 (Unspecified vulnerability in ProFTPD allows remote attackers to
...)
-	- proftpd-dfsg <unfixed>
+	- proftpd-dfsg 1.3.0-13
 	- proftpd <removed>
-	TODO: file bug when more info is available
-	NOTE: Potential patch at
http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date
 CVE-2006-5814 (Unspecified vulnerability in Novell eDirectory allows remote
attackers ...)
 	NOT-FOR-US: Novell eDirectory 
 CVE-2006-5813 (Unspecified vulnerability in Novell eDirectory 8.8 allows
attackers to ...)
@@ -473,7 +471,7 @@
 	- firefox <unfixed> (high)
 	- icedove 1.5.0.8-1 (medium)
 	- mozilla <unfixed> (high)
-	- xulrunner <unfixed> (high)
+	- xulrunner 1.8.0.8-1 (high)
 	- mozilla-firefox <removed> (high)
 	- mozilla-thunderbird <removed> (medium)
 CVE-2006-5747 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.8,
...)
@@ -1082,7 +1080,7 @@
 	- firefox <unfixed> (low)
 	- icedove 1.5.0.8-1 (low)
 	- mozilla <unfixed> (low)
-	- xulrunner <unfixed> (low)
+	- xulrunner 1.8.0.8-1 (low)
 	- mozilla-firefox <removed> (low)
 	- mozilla-thunderbird <removed> (low)
 CVE-2006-5463 (Unspecified vulnerability in Mozilla Firefox before 1.5.0.8,
...)
@@ -1090,7 +1088,7 @@
 	- firefox <unfixed> (high)
 	- icedove 1.5.0.8-1 (medium)
 	- mozilla <unfixed> (high)
-	- xulrunner <unfixed> (high)
+	- xulrunner 1.8.0.8-1 (high)
 	- mozilla-firefox <removed> (high)
 	- mozilla-thunderbird <removed> (medium)
 CVE-2006-5462 (Mozilla Network Security Service (NSS) library before 3.11.3, as
used ...)
@@ -1100,7 +1098,7 @@
 	- firefox <unfixed> (high)
 	- icedove 1.5.0.8-1 (medium)
 	- mozilla <unfixed> (high)
-	- xulrunner <unfixed> (high)
+	- xulrunner 1.8.0.8-1 (high)
 	- mozilla-thunderbird <removed> (medium)
 CVE-2006-5461 (Avahi before 0.6.15 does not verify the sender identity of
netlink ...)
 	- avahi 0.6.15-1 (low)
@@ -3644,6 +3642,7 @@
 	- firefox <unfixed>
 	- mozilla <unfixed>
 	- mozilla-firefox <unfixed>
+	- xulrunner 1.8.0.8-1
 CVE-2006-4309 (VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not
...)
 	NOT-FOR-US: AK-Systems Windows Terminal
 CVE-2006-4308 (Multiple cross-site scripting (XSS) vulnerabilities in
Blackboard ...)