thr3ads.net - Secure testing commits - [Secure-testing-commits] r5202

If this information is useful, please help other people find it:
Share via:

Stefan Fritsch

2006-Dec-30 22:00 UTC

[Secure-testing-commits] r5202 - data/CVE

Author: stef-guest
Date: 2006-12-30 22:00:32 +0100 (Sat, 30 Dec 2006)
New Revision: 5202

Modified:
   data/CVE/list
Log:
CVE-2006-4842: new xulrunner issue (low)

Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-12-30 09:02:34 UTC (rev 5201)
+++ data/CVE/list	2006-12-30 21:00:32 UTC (rev 5202)
@@ -4274,7 +4274,11 @@
 CVE-2006-4843
 	RESERVED
 CVE-2006-4842 (The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as
used in ...)
-	TODO: check
+	- xulrunner <unfixed> (low; bug filed)
+	[sarge] - mozilla <unfixed> (low)
+	NOTE: could not find setuid binary in sid, but evolution-data-server has a
setgid mail binary
+	NOTE: see https://bugzilla.mozilla.org/show_bug.cgi?id=351470
+	TODO: check whether sarge has a setuid/setgid binary linking against libnspr
 CVE-2006-4841
 	RESERVED
 CVE-2006-4840

Secure testing commits - Dec 2006 - r5202 - data/CVE

[Secure-testing-commits] r5202 - data/CVE