Author: jmm-guest Date: 2010-06-24 17:12:43 +0000 (Thu, 24 Jun 2010) New Revision: 14900 Modified: data/CVE/list Log: - one nginx issue not-affected - one more xulrunner issue not-affected Modified: data/CVE/list ==================================================================--- data/CVE/list 2010-06-23 23:58:32 UTC (rev 14899) +++ data/CVE/list 2010-06-24 17:12:43 UTC (rev 14900) @@ -373,9 +373,7 @@ CVE-2010-2264 (The Cascading Style Sheets (CSS) implementation in WebKit in Apple ...) - webkit <undetermined> CVE-2010-2263 (nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on ...) - - nginx <undetermined> - NOTE: claimed windows-only - TODO: check + - nginx <not-affected> (Windows-specific vulnerability when running on NTFS) CVE-2009-4892 (SQL injection vulnerability in Content Management System WEBjump! ...) NOT-FOR-US: Content Management System WEBjump! CVE-2009-4891 (SQL injection vulnerability in index.php in CS-Cart 2.0.0 Beta 3 ...) @@ -3472,9 +3470,8 @@ CVE-2010-1126 (The JavaScript implementation in WebKit allows remote attackers to ...) - webkit <not-affected> (proof-of-concept not effective; windows-only?) CVE-2010-1125 (The JavaScript implementation in Mozilla Firefox 3.x allows remote ...) - - xulrunner 1.9.1.10-1 - - iceape 2.0.5-1 - [lenny] - iceape <not-affected> (Only a stub package) + - xulrunner <not-affected> (Only affects Firefox 3.6, i.e xulrunner 1.9.2) + NOTE: Description is wrong, only affects Firefox 3.6 per https://bugzilla.mozilla.org/show_bug.cgi?id=552255 CVE-2010-1124 (bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading ...) NOT-FOR-US: IBM AIX CVE-2010-1123 (Chip Salzenberg Deliver does not properly associate a lockfile with ...)