Author: jmm-guest
Date: 2010-09-08 08:20:11 +0000 (Wed, 08 Sep 2010)
New Revision: 15288
Modified:
data/CVE/list
Log:
new mozilla issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2010-09-08 07:50:24 UTC (rev 15287)
+++ data/CVE/list 2010-09-08 08:20:11 UTC (rev 15288)
@@ -152,14 +152,30 @@
RESERVED
CVE-2010-3170
RESERVED
-CVE-2010-3169
+CVE-2010-3169 [Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)]
RESERVED
-CVE-2010-3168
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-3168 [XUL tree removal crash and remote code execution]
RESERVED
-CVE-2010-3167
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-3167 [Dangling pointer vulnerability in nsTreeContentView]
RESERVED
-CVE-2010-3166
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-3166 [Heap buffer overflow in nsTextFrameUtils::TransformText]
RESERVED
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
CVE-2010-3165
RESERVED
CVE-2010-3164
@@ -1235,26 +1251,61 @@
[lenny] - mapserver <no-dsa> (Minor issue)
CVE-2010-2770
RESERVED
-CVE-2010-2769
+ - xulrunner <not-affected> (The vulnerability is MacOS-specific)
+ - iceape <not-affected> (The vulnerability is MacOS-specific)
+CVE-2010-2769 [Copy-and-paste or drag-and-drop into designMode document allows
XSS]
RESERVED
-CVE-2010-2768
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-2768 [UTF-7 XSS by overriding document charset using <object> type
attribute]
RESERVED
-CVE-2010-2767
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-2767 [Dangling pointer vulnerability using DOM plugin array]
RESERVED
-CVE-2010-2766
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-2766 [Crash and remote code execution in normalizeDocument]
RESERVED
-CVE-2010-2765
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-2765 [Frameset integer overflow vulnerability]
RESERVED
-CVE-2010-2764
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-2764 [Information leak via XMLHttpRequest statusText]
RESERVED
-CVE-2010-2763
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-2763 [XSS using SJOW scripted function]
RESERVED
-CVE-2010-2762
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
+CVE-2010-2762 [SJOW creates scope chains ending in outer object]
RESERVED
+ - xulrunner <not-affected> (Only affects 3.6, only in experimental)
CVE-2010-2761
RESERVED
-CVE-2010-2760
+CVE-2010-2760 [Dangling pointer vulnerability in nsTreeSelection]
RESERVED
+ - xulrunner <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
+ [lenny] - iceape <not-affected> (Only a stub package)
CVE-2010-2759 (Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1
through ...)
- bugzilla <unfixed> (bug #595015; medium)
CVE-2010-2758 (Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1
through ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits
