Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0ee207b8 by Markus Koschany at 2018-04-20T23:22:05+02:00
Mark xulrunner issues as end-of-life in wheezy because
they are ancient history by now and no detailed information are available to
fix them.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -213379,6 +213379,7 @@ CVE-2010-4222
RESERVED
CVE-2009-5017 (Mozilla Firefox before 3.6 Beta 3 does not properly handle
overlong ...)
- xulrunner <undetermined>
+ [wheezy] - xulrunner <end-of-life> (no detailed information available)
CVE-2009-5016 (Integer overflow in the xml_utf8_decode function in
ext/xml/xml.c in ...)
- php5 5.3.3-4
[lenny] - php5 5.2.6.dfsg.1-1+lenny10
@@ -223647,6 +223648,7 @@ CVE-2010-0649 (Integer overflow in the
CrossCallParamsEx::CreateFromBuffer funct
- webkit <not-affected> (chrome-specific issue)
CVE-2010-0648 (Mozilla Firefox, possibly before 3.6, allows remote attackers
to ...)
- xulrunner <undetermined> (bug #570743)
+ [wheezy] - xulrunner <end-of-life> (no detailed information available)
CVE-2010-0647 (WebKit before r53525, as used in Google Chrome before
4.0.249.89, ...)
- chromium-browser 5.0.375.29~r46008-1
- webkit 1.1.21-1 (medium)
@@ -226743,8 +226745,10 @@ CVE-2009-XXXX [monkey DoS]
[lenny] - monkey <no-dsa> (Minor issue, fringe package)
CVE-2009-4130 (Visual truncation vulnerability in the MakeScriptDialogTitle
function ...)
- xulrunner <undetermined> (bug #565521)
+ [wheezy] - xulrunner <end-of-life> (no detailed information available)
CVE-2009-4129 (Race condition in Mozilla Firefox allows remote attackers to
produce a ...)
- xulrunner <undetermined> (bug #565521)
+ [wheezy] - xulrunner <end-of-life> (no detailed information available)
CVE-2009-4128 (GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the
submitted ...)
- grub2 1.97+20091115-1 (bug #555195)
[lenny] - grub2 <not-affected> (Password authentication not yet present)
@@ -233471,6 +233475,7 @@ CVE-2009-2066 (Apple Safari detects http content in
https web pages only when th
NOT-FOR-US: Apple Safari
CVE-2009-2065 (Mozilla Firefox 3.0.10, and possibly other versions, detects
http ...)
- xulrunner <undetermined> (bug #565521)
+ [wheezy] - xulrunner <end-of-life> (no detailed information available)
CVE-2009-2064 (Microsoft Internet Explorer 8, and possibly other versions,
detects ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2009-2063 (Opera, possibly before 9.25, processes a 3xx HTTP CONNECT
response ...)
@@ -234850,6 +234855,7 @@ CVE-2009-1598 (Google Chrome executes DOM calls in
response to a javascript: URI
NOTE: it sounds like a "researcher misconception bug" (as seeming
explained by Abobe) rather than a security issue
CVE-2009-1597 (Mozilla Firefox executes DOM calls in response to a javascript:
URI in ...)
- xulrunner <undetermined> (bug #565521)
+ [wheezy] - xulrunner <end-of-life> (no detailed information available)
CVE-2009-1596 (Ignite Realtime Openfire before 3.6.5 does not properly
implement the ...)
NOT-FOR-US: Openfire
CVE-2009-1595 (The jabber:iq:auth implementation in IQAuthHandler.java in
Ignite ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0ee207b83b731c49d4a7f3332bcb1917efaaa12f
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0ee207b83b731c49d4a7f3332bcb1917efaaa12f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
