[Secure-testing-commits] r20669 - data/CVE

Joey Hess joeyh at alioth.debian.org
Sun Dec 16 21:14:28 UTC 2012 

Author: joeyh
Date: 2012-12-16 21:14:28 +0000 (Sun, 16 Dec 2012)
New Revision: 20669

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-12-16 15:16:18 UTC (rev 20668)
+++ data/CVE/list	2012-12-16 21:14:28 UTC (rev 20669)
@@ -1978,7 +1978,7 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2012-5842 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	{DSA-2584-1 DSA-2583-1}
+	{DSA-2588-1 DSA-2584-1 DSA-2583-1}
 	- iceweasel 10.0.11esr-1
 	- icedove 10.0.11-1
 	- iceape 2.7.11-1
@@ -2041,7 +2041,7 @@
 	[squeeze] - icedove <not-affected> (Vulnerable code not present)
 	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-5829 (Heap-based buffer overflow in the nsWindow::OnExposeEvent function in ...)
-	{DSA-2584-1 DSA-2583-1}
+	{DSA-2588-1 DSA-2584-1 DSA-2583-1}
 	- iceweasel 10.0.11esr-1
 	- icedove 10.0.11-1
 	- iceape 2.7.11-1
@@ -2670,6 +2670,7 @@
 	NOTE: http://lists.opendnssec.org/pipermail/opendnssec-user/2012-November/002296.html
 CVE-2012-5581 [libtiff: Stack based buffer overflow when handling DOTRANGE tags]
 	RESERVED
+	{DSA-2589-1}
 	- tiff 4.0.2-1 (bug #694693)
 	- tiff3 3.9.6-10
 	NOTE: http://www.openwall.com/lists/oss-security/2012/11/28/1
@@ -6382,7 +6383,7 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2012-4216 (Use-after-free vulnerability in the gfxFont::GetFontEntry function in ...)
-	{DSA-2584-1 DSA-2583-1}
+	{DSA-2588-1 DSA-2584-1 DSA-2583-1}
 	- iceweasel 10.0.11esr-1
 	- icedove 10.0.11-1
 	- iceape 2.7.11-1
@@ -6425,7 +6426,7 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2012-4207 (The HZ-GB-2312 character-set implementation in Mozilla Firefox before ...)
-	{DSA-2584-1 DSA-2583-1}
+	{DSA-2588-1 DSA-2584-1 DSA-2583-1}
 	- iceweasel 10.0.11esr-1
 	- icedove 10.0.11-1
 	- iceape 2.7.11-1
@@ -6449,7 +6450,7 @@
 	[squeeze] - icedove <not-affected> (Vulnerable code not present)
 	[squeeze] - iceape <not-affected> (Vulnerable code not present)
 CVE-2012-4201 (The evalInSandbox implementation in Mozilla Firefox before 17.0, ...)
-	{DSA-2584-1 DSA-2583-1}
+	{DSA-2588-1 DSA-2584-1 DSA-2583-1}
 	- iceweasel 10.0.11esr-1
 	- icedove 10.0.11-1
 	- iceape 2.7.11-1

More information about the Secure-testing-commits mailing list