Secure testing team - Jun 2006 - r4299 - data/CVE

Author: alec-guest
Date: 2006-06-24 23:48:41 +0000 (Sat, 24 Jun 2006)
New Revision: 4299

Modified:
   data/CVE/list
Log:
* CVE-2006-3127 (libnss in mozilla): after discussing with micah on irc,
  determined that it is a bug with mozilla nss but that the affected version is
  unreleased and not in Debian.


Modified: data/CVE/list
==================================================================---
data/CVE/list	2006-06-24 22:25:41 UTC (rev 4298)
+++ data/CVE/list	2006-06-24 23:48:41 UTC (rev 4299)
@@ -11,7 +11,7 @@
 CVE-2006-3128 (choose_file.php in easy-CMS 0.1.2, when mod_mime is installed,
does ...)
 	NOT-FOR-US: easy-CMS
 CVE-2006-3127 (Memory leak in Network Security Services (NSS) 3.11, as used in
Sun ...)
-	NOT-FOR-US: Sun Java Enterprise System
+	- mozilla <not-affected> (SunSolve claims it is only in 3.11; latest
released is 3.10)
 CVE-2006-3126
 	RESERVED
 CVE-2006-3125

* Alec Berryman:
> * CVE-2006-3127 (libnss in mozilla): after discussing with micah on irc,
>   determined that it is a bug with mozilla nss but that the affected
version is
>   unreleased and not in Debian.
Note that a *lot* of DoS bugs were recently fixed in NSS:

http://bonsai.mozilla.org/cvsquery.cgi?branch=HEAD&file=mozilla/security/nss/lib/&date=month