jmm-guest at alioth.debian.org
2008-Jul-27 13:17 UTC
[Secure-testing-commits] r9430 - data/CVE
Author: jmm-guest
Date: 2008-07-27 13:17:00 +0000 (Sun, 27 Jul 2008)
New Revision: 9430
Modified:
data/CVE/list
Log:
corrections/additional information on older mozilla issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-07-27 13:14:03 UTC (rev 9429)
+++ data/CVE/list 2008-07-27 13:17:00 UTC (rev 9430)
@@ -15299,9 +15299,10 @@
CVE-2007-3827 (Mozilla Firefox allows for cookies to be set with a null domain
(aka ...)
[sarge] - mozilla-firefox <no-dsa> (Mozilla products in Sarge no longer
supported)
- mozilla-firefox <removed>
- - iceweasel <unfixed>
- - iceape <unfixed>
- - xulrunner <unfixed>
+ - iceweasel <unfixed> (low)
+ - iceape <unfixed> (low)
+ - xulrunner <unfixed> (low)
+ NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=388097
CVE-2007-3826 (Microsoft Internet Explorer 7 on Windows XP SP2 allows remote
...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3825 (Multiple stack-based buffer overflows in the RPC implementation
in ...)
@@ -17194,12 +17195,13 @@
NOT-FOR-US: Microsoft Internet Explorer
CVE-2007-3074 (Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to
read ...)
- iceweasel 2.0.0.4-1 (low)
- - iceape 1.1.2-1 (low)
+ - iceape 1.0.9-1 (low)
- xulrunner 1.8.1.4-1 (low)
CVE-2007-3073 (Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and
...)
- iceweasel <unfixed> (low)
- iceape <unfixed> (low)
- xulrunner <unfixed> (low)
+ NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=380994
CVE-2007-3072 (Directory traversal vulnerability in Mozilla Firefox before
2.0.0.4 on ...)
- iceweasel <not-affected> (Only affects Windows versions of Firefox)
CVE-2007-3071 (Buffer overflow in the GetWebStoreURL function in a certain
ActiveX ...)
@@ -19586,7 +19588,6 @@
{DSA-1551-1}
- python2.4 2.4.4-3 (bug #416931; low)
- python2.5 2.5.1-1 (bug #416934; low)
- [etch] - python2.5 <no-dsa> (Minor issue)
- python2.3 <unfixed> (low)
CVE-2007-2051 (Buffer overflow in the parsecmd function in bftpd before 1.8 has
...)
NOT-FOR-US: bftpd