Author: gilbert-guest Date: 2009-11-09 03:13:14 +0000 (Mon, 09 Nov 2009) New Revision: 13242 Modified: data/embedded-code-copies Log: bugs for prototypejs (more to do: scriptaculous, lucene, horde3, but i''m tired; will get to it in the next few days) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2009-11-09 02:51:03 UTC (rev 13241) +++ data/embedded-code-copies 2009-11-09 03:13:14 UTC (rev 13242) @@ -643,63 +643,43 @@ prototypejs - netbeans-ide 6.0.1+dfsg-2 (embed) - - auth2db <unfixed> (embed) - - webcit <unfixed> (embed) + - auth2db <unfixed> (embed; bug #555218) + - webcit <unfixed> (embed; bug #555219) - asterisk 1:1.6.2.0~rc3-1 (embed) - - doc-iana <unfixed> (embed) - - libaws <unfixed> (embed) - - libjson-ruby <unfixed> (embed) - - lucene2 <unfixed> (embed) - - solr <unfixed> (embed) - - glpi <unfixed> (embed) - - mnemo2 <unfixed> (embed) - - nag2 <unfixed> (embed) - - knowledgeroot <unfixed> (embed) - - mediatomb <unfixed> (embed) + - libjson-ruby <unfixed> (embed; bug #555224) + - lucene2 <unfixed> (embed; bug #555226) + - horde3 <unfixed> (embed) + - knowledgeroot <unfixed> (embed; bug #555230) + - mediatomb <unfixed> (embed; bug #555233) - mt-daapd 0.9~r1696.dfsg-6lenny2 (embed) - - op-panel <unfixed> (embed) - - ebug-http <unfixed> (embed) + - ebug-http <unfixed> (embed; bug #555236) - phpgedview <removed> (embed) - - poker-network <unfixed> (embed) - - webhelpers <unfixed> (embed) - - qwik <unfixed> (embed) + - poker-network <unfixed> (embed; bug #555238) - rails 2.1.0-6 (embed) - - typo3-src <unfixed> (embed) - - wordpress 2.5.0-2 (embed) - - zope <unfixed> (embed) - - smokeping 2.3.6-3 (embed) + - wordpress 2.5.0-2 (embed; bug #555243) + - zope <not-affected> (the prototypejs embed is not in any of the obvious zope packages, e.g. zope2.9, zope2.10, zope2.11, and zope3) + TODO: search through all of the other zope packages - ampache 3.4.1-2 (embed) - - exaile <unfixed> (embed) - - hobix <unfixed> (embed) - - pixelpost <unfixed> (embed) - - symfony <unfixed> (embed) - NOTE: it''s been said that there are custom changes - - zabbix <unfixed> (embed) - - turba2 <unfixed> (embed) - - chora2 <unfixed> (embed) - - gollem <unfixed> (embed) - - jscropperui <unfixed> (embed) - - rt-extension-emailcompletion <unfixed> (embed) - - scriptaculous <unfixed> (embed) - - ingo1 <unfixed> (embed) - - kronolith2 <unfixed> (embed) - - libpdfbox-java <unfixed> (embed) + - exaile <unfixed> (embed; bug #555245) + - hobix <unfixed> (embed; bug #555247) + - zabbix <unfixed> (embed; bug #555250) + - chora2 <unfixed> (embed; bug #555253) + - gollem <unfixed> (embed; bug # 555254) + - jscropperui <unfixed> (embed; bug #555257) + - scriptaculous <unfixed> (embed; bug #555260) + - ingo1 <unfixed> (embed; bug #555261) + - kronolith2 <unfixed> (embed; bug #555262) - activeldap <unfixed> (embed) - - libfontbox-java <unfixed> (embed) - - libjempbox-java <unfixed> (embed) - - libv8 <unfixed> (embed) - - mantis <unfixed> (embed) - - otrs2 <unfixed> (embed) - - webcalendar <unfixed> (embed) - - redmine <unfixed> (embed) - - jifty <unfixed> (embed) - - jquery <unfixed> (embed) - - passenger <unfixed> (embed) - - plone3 <unfixed> (embed) - - pylucene <unfixed> (embed) - - request-tracker3.6 <unfixed> (embed) - - request-tracker3.8 <unfixed> (embed) - - wesnoth <unfixed> (embed) + - libv8 <not-affected> (contains a google-specific implementation of prototype.js) + - mantis <unfixed> (embed; bug #555265) + - otrs2 <unfixed> (embed; bug #555267) + - webcalendar <unfixed> (embed; bug #555269) + - redmine 0.9.0~svn2907-1 (embed; bug #555270) + - jifty <unfixed> (embed; bug #555271) + - jquery <unfixed> (embed; bug #555272) + - passenger <unfixed> (embed; bug #555273) + - plone3 <unfixed> (embed; bug #555275) + - wesnoth <unfixed> (embed; bug #555277) - xulrunner <unfixed> (embed) NOTE: included in iceweasel/xulrunner unit tests directory, so may not be security-relevant @@ -775,22 +755,21 @@ - glpi <unfixed> (embed) - moodle <unfixed> (embed; bug #505984) -scriptaculous +scriptaculous (prototype.js is among the embeds in the following) - glpi <unfixed> (embed) - - libaws <unfixed> (embed) - NOTE: libaws-doc + - libaws <unfixed> (embed; bug #555222) - op-panel <unfixed> (embed) - symfony <unfixed> (embed) NOTE: maintainer says there are extra incompatible changes required - pixelpost <unfixed> (embed) - webhelpers <unfixed> (embed) - NOTE: python-webhelpers - - qwik <unfixed> (embed) + - qwik <unfixed> (embed; bug #555241) - smokeping <unfixed> (embed) - turba2 <unfixed> (embed) - typo3-src 4.2.3-1 (embed) - request-tracker3.6 <unfixed> (embed) - request-tracker3.8 <unfixed> (embed) + - rt-extension-emailcompletion <unfixed> (embed) libmarkdown-php - moodle <unfixed> (embed; bug #507185) @@ -915,9 +894,7 @@ - zope-textindexng3 <unknown> (embed) - iceweasel <unknown> (embed) - xulrunner <unknown> (embed) - - wireshark <not-affected> (embed) - NOTE: python-ply modules are not installed into binary packages - NOTE: see #554613 + - wireshark <not-affected> (python-ply modules are not installed into binary packages; see #554613) libdumbnet (libdnet upstream) - nmap <unfixed> (fork) @@ -1095,8 +1072,7 @@ - iceweasel <unknown> (embed) - sabnzbdplus <unknown> (embed) - xulrunner <unknown> (embed) - - nipy <not-affected> (embed) [./examples/neurospin/neurospy/configobj.py] - NOTE: part of an example, which is not installed into binary packages + - nipy <not-affected> (part of an example [/examples/neurospin/neurospy/configobj.py], which is not installed into binary packages) python-clientform - bibus <unfixed> (embed) @@ -1277,7 +1253,7 @@ NOTE: be dangerous if developers are naively basing their code off of the examples NOTE: prototype.js is among the example files -lucene2 +lucene2 (prototype.js is among the embeds in the following) - lucene <unfixed> (old-version) - pylucene <unfixed> (embed) - libpdfbox-java <unfixed> (embed) @@ -1346,3 +1322,7 @@ - convirt <unfixed> (embed) - pida <unfixed> (embed) - rednotebook <unfixed> (embed) + +horde3 (prototype.js is among the embeds in the following) + - mnemo2 <unfixed> (embed) + - nag2 <unfixed> (embed)