thr3ads.net - Secure testing commits - [Secure-testing-commits] r14036

If this information is useful, please help other people find it:
Share via:
Moritz Muehlenhoff
2010-Feb-04 23:06 UTC
[Secure-testing-commits] r14036 - data/CVE

Author: jmm-guest
Date: 2010-02-04 23:06:23 +0000 (Thu, 04 Feb 2010)
New Revision: 14036

Modified:
   data/CVE/list
Log:
more xulrunner end-of-lifes


Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-02-04 22:41:45 UTC (rev 14035)
+++ data/CVE/list	2010-02-04 23:06:23 UTC (rev 14036)
@@ -2947,16 +2947,19 @@
 CVE-2009-3982 (Multiple unspecified vulnerabilities in the JavaScript engine in
...)
 	- xulrunner 1.9.1.6-1
 	[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
+	[etch] - xulrunner <not-affected> (Only affects Firefox 3.5)
 CVE-2009-3981 (Unspecified vulnerability in the browser engine in Mozilla
Firefox ...)
 	{DSA-1956-1}
 	- xulrunner 1.9.1
 	NOTE: Only affects Firefox 3
 CVE-2009-3980 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
 	- xulrunner 1.9.1.6-1
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 	[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
 CVE-2009-3979 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
 	{DSA-1956-1}
 	- xulrunner 1.9.1.6-1
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 CVE-2009-3978 (The nsGIFDecoder2::GifWrite function in
decoders/gif/nsGIFDecoder2.cpp ...)
 	- xulrunner 1.9.1.5-1 (unimportant)
 	NOTE: Browser crashes not treated as security issues
@@ -4699,10 +4702,12 @@
 	- libtheora 1.1
 	[etch] - libtheora <not-affected> (vulnerable code not present)
 	- xulrunner 1.9.1.6-1
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 	[lenny] - xulrunner <not-affected> (Video playback capabilities were
added in 3.5)
 CVE-2009-3388 (liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey
before ...)
 	- liboggplay <unfixed>
 	- xulrunner 1.9.1.6-1
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 	[lenny] - xulrunner <not-affected> (Video playback capabilities were
added in 3.5)
 CVE-2009-3387 (Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow
group ...)
 	- bugzilla <not-affected> (Only Bugzilla >= 3.3 is affected)
@@ -4725,7 +4730,7 @@
 CVE-2009-3382 (layout/base/nsCSSFrameConstructor.cpp in the browser engine in
Mozilla ...)
 	{DSA-1922-1}
 	- xulrunner 1.9.1.4-1
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer
covered by security support)
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 CVE-2009-3381 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
 	- xulrunner 1.9.1.4-1
 	[lenny] - xulrunner <not-affected> (Only affects Firefox 3.5)
@@ -4733,7 +4738,7 @@
 CVE-2009-3380 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
 	{DSA-1922-1}
 	- xulrunner 1.9.1.4-1
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer
covered by security support)
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 CVE-2009-3379 (Multiple unspecified vulnerabilities in libvorbis, as used in
Mozilla ...)
 	{DSA-1939-1}
 	- libvorbis 1.2.3-1 (medium)
@@ -4753,7 +4758,7 @@
 CVE-2009-3376 (Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and
SeaMonkey ...)
 	{DSA-1922-1}
 	- xulrunner 1.9.1.4-1
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer
covered by security support)
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 CVE-2009-3375 (content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox
3.0.x ...)
 	{DSA-1922-1}
 	- xulrunner 1.9.1.4-1
@@ -4761,7 +4766,7 @@
 CVE-2009-3374 (The XPCVariant::VariantDataToJS function in the XPCOM
implementation ...)
 	{DSA-1922-1}
 	- xulrunner 1.9.1.4-1
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer
covered by security support)
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 CVE-2009-3373 (Heap-based buffer overflow in the GIF image parser in Mozilla
Firefox ...)
 	{DSA-1922-1}
 	- xulrunner 1.9.1.4-1
@@ -4779,7 +4784,7 @@
 CVE-2009-3370 (Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows
remote ...)
 	{DSA-1922-1}
 	- xulrunner 1.9.1.4-1
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer
covered by security support)
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 CVE-2009-3368 (Cross-site scripting (XSS) vulnerability in the Hotel Booking
...)
 	NOT-FOR-US: component for Joomla!
 CVE-2009-3367 (Multiple cross-site scripting (XSS) vulnerabilities in An image
...)
@@ -5007,7 +5012,7 @@
 CVE-2009-3274 (Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions,
and ...)
 	{DSA-1922-1}
 	- xulrunner 1.9.1.4-1
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer
covered by security support)
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 CVE-2009-3273 (iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch,
does not ...)
 	NOT-FOR-US: Apple iPhone
 CVE-2009-3272 (Stack consumption vulnerability in WebKit.dll in WebKit in Apple
...)
@@ -7457,7 +7462,7 @@
 CVE-2009-2664 (The js_watch_set function in js/src/jsdbgapi.cpp in the
JavaScript ...)
 	{DSA-1873-1}
 	- xulrunner 1.9.0.13-1
-	[etch] - xulrunner <no-dsa> (Mozilla packages from oldstable no longer
covered by security support)
+	[etch] - xulrunner <end-of-life> (Mozilla packages from oldstable no
longer covered by security support)
 CVE-2009-2663 (libvorbis before r16182, as used in Mozilla Firefox 3.5.x before
3.5.2 ...)
 	{DSA-1939-1}
 	- libvorbis 1.2.0.dfsg-6 (medium; bug #540958)
@@ -16006,8 +16011,8 @@
 CVE-2008-5914 (An unspecified function in the JavaScript implementation in
Apple ...)
 	NOT-FOR-US: Apple
 CVE-2008-5913 (An unspecified function in the JavaScript implementation in
Mozilla ...)
-	- xulrunner <unfixed> (undetermined; bug #559792)
-	- iceape <unfixed> (undetermined)
+	- xulrunner <undetermined> (bug #559792)
+	- iceape <undetermined>
 CVE-2008-5912 (An unspecified function in the JavaScript implementation in
Microsoft ...)
 	NOT-FOR-US: Microsoft
 CVE-2008-5911 (Multiple buffer overflows in RealNetworks Helix Server and Helix
...)
Secure testing commits - Feb 2010 - r14036 - data/CVE

[Secure-testing-commits] r14036 - data/CVE
