Secure testing commits - Feb 2010 - r14127 - data/CVE

Author: gilbert-guest
Date: 2010-02-19 03:25:58 +0000 (Fri, 19 Feb 2010)
New Revision: 14127

Modified:
   data/CVE/list
Log:
new pidgin and xulrunner issues fixed in unstable

Modified: data/CVE/list
==================================================================---
data/CVE/list	2010-02-18 22:18:09 UTC (rev 14126)
+++ data/CVE/list	2010-02-19 03:25:58 UTC (rev 14127)
@@ -581,16 +581,19 @@
 	RESERVED
 CVE-2010-0424
 	RESERVED
-CVE-2010-0423
+CVE-2010-0423 [pidgin remote denial-of-service]
 	RESERVED
+	- pidgin 2.6.6-1 (unimportant)
 CVE-2010-0422 [another gnome-screensaver issue]
 	RESERVED
 	- gnome-screensaver 2.28.3-1
 	[lenny] - gnome-screensaver <not-affected> (Vulnerable code not present)
 CVE-2010-0421
 	RESERVED
-CVE-2010-0420
+CVE-2010-0420 [pidgin crash]
 	RESERVED
+	- pidgin 2.6.6-1
+	TODO: unimportant?
 CVE-2010-0419
 	RESERVED
 CVE-2010-0418
@@ -1135,7 +1138,7 @@
 CVE-2009-4595 (SQL injection vulnerability in index.php in PHP Inventory 1.2
allows ...)
 	NOT-FOR-US: PHP Inventory
 CVE-2010-0277 (slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4
and ...)
-	- pidgin <unfixed> (low; bug #566775)
+	- pidgin 2.6.6-1 (low; bug #566775)
 CVE-2010-0276 (IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241
for ...)
 	NOT-FOR-US: IBM Lotus iNotes
 CVE-2010-0275 (Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or
DWA) ...)
@@ -1399,7 +1402,7 @@
 CVE-2010-0162 [same-origin bypass]
 	RESERVED
 	{DSA-1999-1}
-	- xulrunner <unfixed>
+	- xulrunner 1.9.1.8-1
 	[etch] - xulrunner <end-of-life>
 	- iceape <unfixed>
 CVE-2010-0161
@@ -1407,14 +1410,14 @@
 CVE-2010-0160 [vulnerability in web workers]
 	RESERVED
 	{DSA-1999-1}
-	- xulrunner <unfixed>
+	- xulrunner 1.9.1.8-1
 	[etch] - xulrunner <not-affected> (web workers introduced in firefox
3.5)
 	[lenny] - xulrunner <not-affected> (web workers introduced in firefox
3.5)
 	- iceape <unfixed>
 CVE-2010-0159 [several vulnerabilities]
 	RESERVED
 	{DSA-1999-1}
-	- xulrunner <unfixed>
+	- xulrunner 1.9.1.8-1
 	[etch] - xulrunner <end-of-life>
 	- iceape <unfixed>
 CVE-2010-0158 (** DISPUTED ** ...)
@@ -3274,7 +3277,7 @@
 CVE-2009-3988 [same-origin flaw in showModalDialog]
 	RESERVED
 	{DSA-1999-1}
-	- xulrunner <unfixed>
+	- xulrunner 1.9.1.8-1
 	[etch] - xulrunner <end-of-life>
 	- iceape <unfixed>
 CVE-2009-3987 (The GeckoActiveXObject function in Mozilla Firefox before 3.0.16
and ...)
@@ -10863,7 +10866,7 @@
 CVE-2009-1571 [memory incorrectly freed]
 	RESERVED
 	{DSA-1999-1}
-	- xulrunner <unfixed>
+	- xulrunner 1.9.1.8-1
 	[etch] - xulrunner <end-of-life>
 	- iceape <unfixed>
 CVE-2009-1570 (Integer overflow in the ReadImage function in ...)