Author: gilbert-guest Date: 2009-08-10 23:56:52 +0000 (Mon, 10 Aug 2009) New Revision: 12557 Modified: data/CVE/list data/embedded-code-copies Log: - new non-numbered issues - new xulrunner embeds libvorbis - bugs submitted for libvorbis cve Modified: data/CVE/list ==================================================================--- data/CVE/list 2009-08-10 21:14:14 UTC (rev 12556) +++ data/CVE/list 2009-08-10 23:56:52 UTC (rev 12557) @@ -1,3 +1,8 @@ +CVE-2009-XXXX [apache2: xml-based firewall bypass / port scanning] + - apache2 <unfixed> (low; bug #540862) +CVE-2009-XXXX [linux-2.6: parisc eisa underflow] + - linux-2.6 <unfixed> (low) + - linux-2.6.24 <removed> CVE-2009-2715 (Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause ...) TODO: check CVE-2009-2714 (Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows ...) @@ -253,8 +258,10 @@ - xulrunner <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox before 3.0.13 and ...) - - xulrunner <unfixed> - [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) + - libvorbis <unfixed> (medium; bug #540958) + - xulrunner <not-affected> (medium; bug #540961) + NOTE: vorbis support added in 1.9.0.13 and 1.9.1.0, which have not yet entered the archive + TODO: recheck when 1.9.0.13 or 1.9.1.x enter stable/unstable CVE-2009-2662 (The browser engine in Mozilla Firefox before 3.0.13, and 3.5.x before ...) - xulrunner <unfixed> [etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer covered by security support) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2009-08-10 21:14:14 UTC (rev 12556) +++ data/embedded-code-copies 2009-08-10 23:56:52 UTC (rev 12557) @@ -919,3 +919,6 @@ libept: - adept <unfixed> (embed; bug #540649) + +libvorbis: + - xulrunner <unfixed> (embed; 540959)