Author: gilbert-guest
Date: 2009-10-19 18:56:01 +0000 (Mon, 19 Oct 2009)
New Revision: 13043
Modified:
data/CVE/list
Log:
- some more fixed iceape issues
- use appropriate debian version for some xulrunner/iceweasel issues
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-10-19 17:59:48 UTC (rev 13042)
+++ data/CVE/list 2009-10-19 18:56:01 UTC (rev 13043)
@@ -13140,19 +13140,17 @@
NOTE: patch now available and will be checked for next patch round
CVE-2008-5504 (Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to
run ...)
{DSA-1707-1}
- - iceweasel 3.0
- - xulrunner 1.9
+ - iceweasel 3.0.1-1
+ - xulrunner 1.9.0.1-1
[etch] - xulrunner <not-affected> (The vulnerable feature is only
included in 1.8.1 branch)
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
NOTE: Original fix for CVE-2008-3836 was incomplete
CVE-2008-5503 (The loadBindingDocument function in Mozilla Firefox 2.x before
...)
{DSA-1707-1 DSA-1704-1 DSA-1697-1 DSA-1696-1}
- iceape 1.1.13-1
- - iceweasel 3.0
- - xulrunner 1.9
+ - iceweasel 3.0.1-1
+ - xulrunner 1.9.0.1-1
- icedove 2.0.0.19-1 (low)
NOTE: JavaScript for mails is disabled by default and if users enable it ...
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
CVE-2008-5502 (The layout engine in Mozilla Firefox 3.x before 3.0.5,
Thunderbird 2.x ...)
- iceweasel 3.0.5-1
[etch] - iceweasel <not-affected> (Firefox 2.x not affected)
@@ -14491,15 +14489,13 @@
CVE-2008-5013 (Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before
1.1.13 do ...)
{DSA-1697-1 DSA-1671-1 DSA-1669-1}
- iceape 1.1.13-1
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- - iceweasel 3.0
- - xulrunner 1.9
+ - iceweasel 3.0.1-1
+ - xulrunner 1.9.0.1-1
CVE-2008-5012 (Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before
2.0.0.18, ...)
{DSA-1697-1 DSA-1696-1 DSA-1671-1 DSA-1669-1}
- iceape 1.1.13-1
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- - iceweasel 3.0
- - xulrunner 1.9
+ - iceweasel 3.0.1-1
+ - xulrunner 1.9.0.1-1
- icedove 2.0.0.19-1
CVE-2008-5010 (in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10,
and ...)
NOT-FOR-US: in.dhcpd
@@ -16663,9 +16659,8 @@
- icedove 2.0.0.17-1
CVE-2008-4069 (The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey
...)
{DSA-1697-1 DSA-1669-1 DSA-1649-1}
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- - iceweasel 3.0
- - xulrunner 1.9
+ - iceweasel 3.0.1-1
+ - xulrunner 1.9.0.1-1
- iceape 1.1.12-1
CVE-2008-4068 (Directory traversal vulnerability in Mozilla Firefox before
2.0.0.17 ...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
@@ -16681,10 +16676,8 @@
- icedove 2.0.0.17-1
CVE-2008-4066 (Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17,
allows ...)
{DSA-1669-1 DSA-1649-1}
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- NOTE: Fix should be in next iceape/icedove DSA patchround
- - iceweasel 3.0
- - xulrunner 1.9
+ - iceweasel 3.0.1-1
+ - xulrunner 1.9.0.1-1
- iceape 1.1.12-1
- icedove 2.0.0.17-1
CVE-2008-4065 (Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2,
Thunderbird ...)
@@ -17281,14 +17274,13 @@
- iceape 1.1.12-1 (low)
CVE-2008-3836 (feedWriter in Mozilla Firefox before 2.0.0.17 allows remote
attackers ...)
{DSA-1697-1 DSA-1669-1 DSA-1649-1}
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- - iceweasel 3.0
- - xulrunner 1.9
+ - iceweasel 3.0.1-1
+ - xulrunner 1.9.0.1-1
+ - iceape 1.1.12-1
CVE-2008-3835 (The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox
...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- - xulrunner 1.9
- - iceweasel 3.0
+ - xulrunner 1.9.0.1-1
+ - iceweasel 3.0.1-1
- iceape 1.1.12-1
- icedove 2.0.0.17-1
CVE-2008-3834 (The dbus_signature_validate function in the D-bus library
(libdbus) ...)
@@ -25061,6 +25053,7 @@
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
+ - iceape 1.1.9-1
CVE-2008-0593 (Gecko-based browsers, including Mozilla Firefox before 2.0.0.12
and ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
@@ -25075,6 +25068,7 @@
{DSA-1506-1 DSA-1489-1 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
+ - iceape 1.1.9-1
CVE-2008-0590 (Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0
allows ...)
NOT-FOR-US: WS_FTP Server with SSH
CVE-2008-0589 (The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1
allows ...)
@@ -25504,6 +25498,7 @@
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
- xulrunner 1.8.1.12-1
+ - iceape 1.1.8-1
CVE-2008-0416 (Multiple cross-site scripting (XSS) vulnerabilities in Mozilla
Firefox ...)
{DSA-1506-1 DSA-1489-1 DSA-1485-2 DSA-1484-1}
- iceweasel 2.0.0.12-1
@@ -27204,9 +27199,8 @@
- iceape 1.1.13-1
CVE-2008-0016 (Stack-based buffer overflow in the URL parsing implementation in
...)
{DSA-1697-1 DSA-1696-1 DSA-1669-1 DSA-1649-1}
- NOTE: Iceweasel 3.0 aka Xulrunner 1.9 not affected
- - xulrunner 1.9
- - iceweasel 3.0
+ - xulrunner 1.9.0.1-1
+ - iceweasel 3.0.1-1
- iceape 1.1.12-1
- icedove 2.0.0.17-1
CVE-2008-0015 (Stack-based buffer overflow in the CComVariant::ReadFromStream
...)