joeyh at alioth.debian.org
2008-Oct-08 21:14 UTC
[Secure-testing-commits] r10046 - data/CVE
Author: joeyh
Date: 2008-10-08 21:14:12 +0000 (Wed, 08 Oct 2008)
New Revision: 10046
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
==================================================================---
data/CVE/list 2008-10-08 20:57:08 UTC (rev 10045)
+++ data/CVE/list 2008-10-08 21:14:12 UTC (rev 10046)
@@ -115,8 +115,10 @@
CVE-2008-4423 (SQL injection vulnerability in index.php in Ovidentia 6.6.5
allows ...)
NOT-FOR-US: Ovidentia
CVE-2008-4422
+ RESERVED
NOT-FOR-US: ** REJECT **
CVE-2008-4421
+ RESERVED
NOT-FOR-US: MetaGauge
CVE-2008-4420
RESERVED
@@ -223,6 +225,7 @@
CVE-2008-4394
RESERVED
CVE-2008-4393
+ RESERVED
NOT-FOR-US: VeriSign Kontiki
CVE-2008-4392
RESERVED
@@ -241,6 +244,7 @@
CVE-2008-4385
RESERVED
CVE-2008-4384
+ RESERVED
NOT-FOR-US: LPViewer ActiveX
CVE-2008-4383 (Stack-based buffer overflow in the Agranet-Emweb embedded
management ...)
NOT-FOR-US: Agranet-Emweb
@@ -948,27 +952,32 @@
CVE-2008-4070 (Heap-based buffer overflow in Mozilla Thunderbird before
2.0.0.17 and ...)
- iceape 1.1.12-1
CVE-2008-4069 (The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey
...)
+ {DSA-1649-1}
NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- iceweasel 3.0
- xulrunner 1.9
- iceape 1.1.12-1
CVE-2008-4068 (Directory traversal vulnerability in Mozilla Firefox before
2.0.0.17 ...)
+ {DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove <unfixed>
CVE-2008-4067 (Directory traversal vulnerability in Mozilla Firefox before
2.0.0.17 ...)
+ {DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove <unfixed>
CVE-2008-4066 (Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17,
allows ...)
+ {DSA-1649-1}
NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- iceweasel 3.0
- xulrunner 1.9
- iceape 1.1.12-1
- icedove <unfixed>
CVE-2008-4065 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2,
Thunderbird ...)
+ {DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
@@ -982,26 +991,31 @@
- iceweasel 3.0.3-1
[etch] - iceweasel <not-affected> (Vulnerable code not present)
CVE-2008-4062 (Multiple unspecified vulnerabilities in Mozilla Firefox before
...)
+ {DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove <unfixed>
CVE-2008-4061 (Integer overflow in the MathML component in Mozilla Firefox
before ...)
+ {DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove <unfixed>
CVE-2008-4060 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2,
Thunderbird ...)
+ {DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove <unfixed>
CVE-2008-4059 (The XPConnect component in Mozilla Firefox before 2.0.0.17
allows ...)
+ {DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
- icedove <unfixed>
CVE-2008-4058 (The XPConnect component in Mozilla Firefox before 2.0.0.17 and
3.x ...)
+ {DSA-1649-1}
- xulrunner 1.9.0.3-1
- iceape 1.1.12-1
- iceweasel 3.0.3-1
@@ -1532,14 +1546,17 @@
CVE-2008-3838 (Unspecified vulnerability in the NFS Remote Procedure Calls
(RPC) ...)
NOT-FOR-US: Solaris
CVE-2008-3837 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and
SeaMonkey ...)
+ {DSA-1649-1}
- iceweasel 3.0.3-1 (low)
- xulrunner 1.9.0.3-1 (low)
- iceape 1.1.12-1 (low)
CVE-2008-3836 (feedWriter in Mozilla Firefox before 2.0.0.17 allows remote
attackers ...)
+ {DSA-1649-1}
NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- iceweasel 3.0
- xulrunner 1.9
CVE-2008-3835 (The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox
...)
+ {DSA-1649-1}
NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- xulrunner 1.9
- iceweasel 3.0
@@ -1727,6 +1744,7 @@
- xastir 1.9.2-1.1 (low; bug #496383)
[etch] - xastir <no-dsa> (Minor issue)
CVE-2008-4477 [mon: insecure temp files]
+ {DSA-1648-1}
- mon 0.99.2-13 (medium; bug #496398)
CVE-2008-3790 (The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through
...)
- ruby1.8 1.8.7.72-1 (bug #496808)
@@ -2322,6 +2340,7 @@
CVE-2008-3544
RESERVED
CVE-2008-3543
+ RESERVED
NOT-FOR-US: HP-UX
CVE-2008-3542 (Unspecified vulnerability in HP Insight Diagnostics before
7.9.1.2402 ...)
NOT-FOR-US: HP Insight Diagnostics
@@ -3438,12 +3457,15 @@
CVE-2008-3064 (Unspecified vulnerability in RealNetworks RealPlayer Enterprise,
...)
NOT-FOR-US: RealNetworks RealPlayer Enterprise
CVE-2008-3063
+ RESERVED
NOT-FOR-US: V-webmail
CVE-2008-3062
RESERVED
CVE-2008-3061
+ RESERVED
NOT-FOR-US: V-webmail
CVE-2008-3060
+ RESERVED
NOT-FOR-US: V-webmail
CVE-2008-3059
RESERVED
@@ -9198,7 +9220,7 @@
- xulrunner 1.8.1.12-1
- iceape 1.1.8-1
CVE-2008-0591 (Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12
does ...)
- {DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
+ {DSA-1506-1 DSA-1489-1 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
CVE-2008-0590 (Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0
allows ...)
@@ -11307,6 +11329,7 @@
CVE-2008-0017
RESERVED
CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in
...)
+ {DSA-1649-1}
NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- xulrunner 1.9
- iceweasel 3.0