Re: Some CVE updates

To: debian-security-tracker@lists.debian.org
Subject: Re: Some CVE updates
From: Mike Hommey <mh@glandium.org>
Date: Wed, 14 Apr 2010 00:29:59 +0200
Message-id: <[🔎] 20100413222959.GA4349@glandium.org>
In-reply-to: <[🔎] 20100413222749.GA4277@glandium.org>
References: <[🔎] 20100413222749.GA4277@glandium.org>

On Wed, Apr 14, 2010 at 12:27:49AM +0200, Mike Hommey wrote:
> Hi,
> 
> I went through the CVE list on the security tracker, and noted 2 CVEs
> marked as vulnerable in testing/unstable while it is not the case:
> - CVE-2009-4630 was fixed during the gecko 1.9.1 development cycle, and
>   as such was already fixed in all 2.x versions of iceape and 1.9.1.x
>   and 1.9.2.x versions of xulrunner.
> - CVE-2010-0182 was fixed in xulrunner 1.9.1.9-1, but I had to leave it
>   out of the changelog because at the time I wrote it, the equivalent
>   MFSA information was broken on mozilla.org, and I couldn't know what
>   CVE it was about.

The latter was also fixed in xulrunner 1.9.2.2, so, as 1.9.2.3 was the
first version in experimental, it's also fixed in the version in
experimental.

Mike

Reply to:

References:
- Some CVE updates
  - From: Mike Hommey <mh@glandium.org>

Prev by Date: Some CVE updates
Next by Date: Should security tracker and PTS track terminated oldstable security issue as open?
Previous by thread: Some CVE updates
Next by thread: Re: Some CVE updates
Index(es):
- Date
- Thread