thr3ads.net - Secure testing commits - [Secure-testing-commits] r10469

If this information is useful, please help other people find it:
Share via:
joeyh at alioth.debian.org
2008-Nov-23 21:14 UTC
[Secure-testing-commits] r10469 - data/CVE

Author: joeyh
Date: 2008-11-23 21:14:29 +0000 (Sun, 23 Nov 2008)
New Revision: 10469

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-11-23 21:13:44 UTC (rev 10468)
+++ data/CVE/list	2008-11-23 21:14:29 UTC (rev 10469)
@@ -362,20 +362,24 @@
 	{DSA-1665-1}
 	- libcdaudio 0.99.12p2-7 (bug #505478)
 CVE-2008-5024 (Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18,
...)
+	{DSA-1669-1}
 	- iceweasel <unfixed>
 	- xulrunner 1.9.0.4-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2008-5023 (Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and
SeaMonkey ...)
+	{DSA-1669-1}
 	- iceweasel <unfixed>
 	- xulrunner 1.9.0.4-1
 	- iceape <unfixed>
 CVE-2008-5022 (The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x
...)
+	{DSA-1669-1}
 	- xulrunner 1.9.0.4-1
 	- iceweasel <unfixed>
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2008-5021 (nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before
...)
+	{DSA-1669-1}
 	- iceweasel <unfixed>
 	- xulrunner 1.9.0.4-1
 	- icedove <unfixed>
@@ -386,11 +390,13 @@
 	- iceweasel <unfixed>
 	- xulrunner 1.9.0.4-1
 CVE-2008-5018 (The JavaScript engine in Mozilla Firefox 3.x before 3.0.4,
Firefox 2.x ...)
+	{DSA-1669-1}
 	- iceweasel <unfixed>
 	- xulrunner 1.9.0.4-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2008-5017 (Integer overflow in xpcom/io/nsEscape.cpp in the browser engine
in ...)
+	{DSA-1669-1}
 	- iceweasel <unfixed>
 	- xulrunner <unfixed>
 	- icedove <unfixed>
@@ -410,10 +416,13 @@
 	[etch] - iceweasel <not-affected> (Doesn''t affect Firefox 2.x)
 	[etch] - xulrunner <not-affected> (Doesn''t affect Firefox 2.x)
 CVE-2008-5014 (jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x
before ...)
+	{DSA-1669-1}
 	TODO: check
 CVE-2008-5013 (Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before
1.1.13 do ...)
+	{DSA-1669-1}
 	TODO: check
 CVE-2008-5012 (Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before
2.0.0.18, ...)
+	{DSA-1669-1}
 	TODO: check
 CVE-2008-5010 (in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10,
and ...)
 	NOT-FOR-US: in.dhcpd
@@ -1344,6 +1353,7 @@
 CVE-2008-4583 (Insecure method vulnerability in the Chilkat FTP 2.0 ActiveX
component ...)
 	NOT-FOR-US: Chilkat FTP
 CVE-2008-4582 (Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before
2.0.0.18, and ...)
+	{DSA-1669-1}
 	- xulrunner 1.9.0.4-1
 	- iceweasel <not-affected> (Windows-specific)
 	- iceape <not-affected> (Windows-specific)
@@ -2533,32 +2543,32 @@
 	- iceape 1.1.12-1
 	- icedove 2.0.0.17-1
 CVE-2008-4069 (The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey
...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- iceweasel 3.0
 	- xulrunner 1.9
 	- iceape 1.1.12-1
 CVE-2008-4068 (Directory traversal vulnerability in Mozilla Firefox before
2.0.0.17 ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4067 (Directory traversal vulnerability in Mozilla Firefox before
2.0.0.17 ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4066 (Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17,
allows ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- iceweasel 3.0
 	- xulrunner 1.9
 	- iceape 1.1.12-1
 	- icedove 2.0.0.17-1
 CVE-2008-4065 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2,
Thunderbird ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
@@ -2572,31 +2582,31 @@
 	- iceweasel 3.0.3-1
 	[etch] - iceweasel <not-affected> (Vulnerable code not present)
 CVE-2008-4062 (Multiple unspecified vulnerabilities in Mozilla Firefox before
...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4061 (Integer overflow in the MathML component in Mozilla Firefox
before ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4060 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2,
Thunderbird ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4059 (The XPConnect component in Mozilla Firefox before 2.0.0.17
allows ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
 	- icedove 2.0.0.17-1
 CVE-2008-4058 (The XPConnect component in Mozilla Firefox before 2.0.0.17 and
3.x ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- xulrunner 1.9.0.3-1
 	- iceape 1.1.12-1
 	- iceweasel 3.0.3-1
@@ -3142,17 +3152,17 @@
 CVE-2008-3838 (Unspecified vulnerability in the NFS Remote Procedure Calls
(RPC) ...)
 	NOT-FOR-US: Solaris
 CVE-2008-3837 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and
SeaMonkey ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	- iceweasel 3.0.3-1 (low)
 	- xulrunner 1.9.0.3-1 (low)
 	- iceape 1.1.12-1 (low)
 CVE-2008-3836 (feedWriter in Mozilla Firefox before 2.0.0.17 allows remote
attackers ...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- iceweasel 3.0
 	- xulrunner 1.9
 CVE-2008-3835 (The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox
...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- xulrunner 1.9
 	- iceweasel 3.0
@@ -5312,11 +5322,11 @@
 	NOT-FOR-US: IBM Tivoli Directory Server
 CVE-2008-2941 (The hpssd message parser in hpssd.py in HP Linux Imaging and
Printing ...)
 	- hplip 2.8.6-1 (low; bug #499842)
-        [etch] - hplip <no-dsa> (Minor issue)
+	[etch] - hplip <no-dsa> (Minor issue)
 	NOTE: Does not affect current version in lenny, marking as fixed in current
upstream release
 CVE-2008-2940 (The alert-mailing implementation in HP Linux Imaging and
Printing ...)
 	- hplip 2.8.6-1 (low; bug #499842)
-        [etch] - hplip <no-dsa> (Minor issue)
+	[etch] - hplip <no-dsa> (Minor issue)
 	NOTE: Does not affect current version in lenny, marking as fixed in current
upstream release
 CVE-2008-2939 (Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the
...)
 	- apache2 2.2.9-7 (low)
@@ -12969,11 +12979,12 @@
 CVE-2008-0018
 	RESERVED
 CVE-2008-0017 (The http-index-format MIME type parser (nsDirIndexParser) in
Firefox ...)
+	{DSA-1669-1}
 	- iceweasel <unfixed>
 	- xulrunner 1.9.0.4-1
 	- iceape <unfixed>
 CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in
...)
-	{DSA-1649-1}
+	{DSA-1669-1 DSA-1649-1}
 	NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
 	- xulrunner 1.9
 	- iceweasel 3.0
Secure testing commits - Nov 2008 - r10469 - data/CVE

[Secure-testing-commits] r10469 - data/CVE
