Author: jmm
Date: 2011-10-09 18:20:35 +0000 (Sun, 09 Oct 2011)
New Revision: 17398
Modified:
data/CVE/list
Log:
remove annotations for bugzilla in lenny and squeeze, they are
implicitly unfixed in stable/oldstable if marked as removed for
sid.
Modified: data/CVE/list
==================================================================---
data/CVE/list 2011-10-09 17:12:46 UTC (rev 17397)
+++ data/CVE/list 2011-10-09 18:20:35 UTC (rev 17398)
@@ -2668,8 +2668,6 @@
- bugzilla <not-affected> (Only affects Bugzilla 4.1, never uploaded to
the archive)
CVE-2011-2978 (Bugzilla 2.16rc1 through 2.22.7, 3.0.x through 3.3.x, 3.4.x
before ...)
- bugzilla <removed> (low)
- [squeeze] - bugzilla <unfixed> (low)
- [lenny] - bugzilla <unfixed> (low)
CVE-2011-2977 (Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and
4.1.x ...)
- bugzilla <not-affected> (Only affects Bugzilla on Windows)
CVE-2011-2976 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.16rc1
through ...)
@@ -4268,16 +4266,10 @@
RESERVED
CVE-2011-2381 (CRLF injection vulnerability in Bugzilla 2.17.1 through 2.22.7,
3.0.x ...)
- bugzilla <removed> (low)
- [squeeze] - bugzilla <unfixed> (low)
- [lenny] - bugzilla <unfixed> (low)
CVE-2011-2380 (Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x
before ...)
- bugzilla <removed> (low)
- [squeeze] - bugzilla <unfixed> (low)
- [lenny] - bugzilla <unfixed> (low)
CVE-2011-2379 (Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through
...)
- bugzilla <removed> (low)
- [squeeze] - bugzilla <unfixed> (low)
- [lenny] - bugzilla <unfixed> (low)
CVE-2011-2378 (The appendChild function in Mozilla Firefox before 3.6.20,
Thunderbird ...)
{DSA-2297-1 DSA-2296-1 DSA-2295-1}
- icedove 3.1.12-1
@@ -11307,8 +11299,6 @@
NOT-FOR-US: Majordomo
CVE-2011-0048 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4,
and ...)
- bugzilla <removed> (bug #611176)
- [squeeze] - bugzilla <unfixed> (bug #611176)
- [lenny] - bugzilla <unfixed> (bug #611176)
NOTE: http://www.bugzilla.org/security/3.2.9/
CVE-2011-0047 (Cross-site scripting (XSS) vulnerability in MediaWiki before
1.16.2 ...)
- mediawiki 1:1.15.5-3 (low; bug #611787)
@@ -11316,8 +11306,6 @@
[squeeze] - mediawiki 1:1.15.5-2squeeze1 (low; bug #611787)
CVE-2011-0046 (Multiple cross-site request forgery (CSRF) vulnerabilities in
Bugzilla ...)
- bugzilla <removed> (bug #611176)
- [squeeze] - bugzilla <unfixed> (bug #611176)
- [lenny] - bugzilla <unfixed> (bug #611176)
NOTE: http://www.bugzilla.org/security/3.2.9/
CVE-2010-4578 (Google Chrome before 8.0.552.224 and Chrome OS before
8.0.552.343 do ...)
{DSA-2188-1}
@@ -11346,8 +11334,6 @@
NOT-FOR-US: VMware ESXi
CVE-2010-4572 (CRLF injection vulnerability in chart.cgi in Bugzilla before
3.2.10, ...)
- bugzilla <removed>
- [squeeze] - bugzilla <unfixed>
- [lenny] - bugzilla <unfixed>
NOTE: http://www.bugzilla.org/security/3.2.9/
NOTE: perl and associate packages are CVE-2010-2761 and CVE-2010-4411 (see
above reference)
CVE-2010-4571
@@ -11358,13 +11344,9 @@
- bugzilla <not-affected> (vulnerable code introduced in 3.7)
CVE-2010-4568 (Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before
3.2.10; ...)
- bugzilla <removed> (bug #611176)
- [squeeze] - bugzilla <unfixed> (bug #611176)
- [lenny] - bugzilla <unfixed> (bug #611176)
NOTE: http://www.bugzilla.org/security/3.2.9/
CVE-2010-4567 (Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4,
and ...)
- bugzilla <removed> (high; bug #611176)
- [squeeze] - bugzilla <unfixed> (high; bug #611176)
- [lenny] - bugzilla <unfixed> (high; bug #611176)
NOTE: http://www.bugzilla.org/security/3.2.9/
CVE-2010-4566 (The web authentication form in the NT4 authentication component
in ...)
NOT-FOR-US: Citrix Acces Gateway