[Secure-testing-commits] r24757 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Dec 15 12:35:35 UTC 2013 

Author: carnil
Date: 2013-12-15 12:35:35 +0000 (Sun, 15 Dec 2013)
New Revision: 24757

Modified:
   data/CVE/list
Log:
Couple of CVEs fixed in iceweasel upload to unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-12-15 12:28:54 UTC (rev 24756)
+++ data/CVE/list	2013-12-15 12:35:35 UTC (rev 24757)
@@ -1733,7 +1733,7 @@
 CVE-2013-6674
 	RESERVED
 CVE-2013-6673 (Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird ...)
-	- iceweasel <unfixed>
+	- iceweasel 24.2.0esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -1743,7 +1743,7 @@
 	- iceweasel <not-affected> (Only affects Firefox 25)
 	- iceape <not-affected> (Only affects Firefox 25)
 CVE-2013-6671 (The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before ...)
-	- iceweasel <unfixed>
+	- iceweasel 24.2.0esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -1885,6 +1885,12 @@
 	- libjpeg8 8d-2 (low; bug #729867)
 	[squeeze] - libjpeg8 <no-dsa> (Minor issue)
 	[wheezy] - libjpeg8 <no-dsa> (Minor issue)
+	- iceweasel 24.2.0esr-1
+	[squeeze] - iceweasel <end-of-life>
+	- icedove <unfixed>
+	[squeeze] - icedove <end-of-life>
+	- iceape <unfixed>
+	[squeeze] - iceape <end-of-life>
 	NOTE: http://packetstormsecurity.com/files/123989/IJG-jpeg6b-libjpeg-turbo-Uninitialized-Memory.html
 CVE-2013-6629 (The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) ...)
 	{DSA-2799-1}
@@ -1897,6 +1903,12 @@
 	- libjpeg8 8d-2 (low; bug #729867)
 	[squeeze] - libjpeg8 <no-dsa> (Minor issue)
 	[wheezy] - libjpeg8 <no-dsa> (Minor issue)
+	- iceweasel 24.2.0esr-1
+	[squeeze] - iceweasel <end-of-life>
+	- icedove <unfixed>
+	[squeeze] - icedove <end-of-life>
+	- iceape <unfixed>
+	[squeeze] - iceape <end-of-life>
 	NOTE: http://packetstormsecurity.com/files/123989/IJG-jpeg6b-libjpeg-turbo-Uninitialized-Memory.html
 CVE-2013-6628 (net/socket/ssl_client_socket_nss.cc in the TLS implementation in ...)
 	{DSA-2799-1}
@@ -4292,7 +4304,7 @@
 	- iceweasel <not-affected> (Only affects Firefox 25)
 	- iceape <not-affected> (Only affects Firefox 25)
 CVE-2013-5618 (Use-after-free vulnerability in the nsNodeUtils::LastRelease function ...)
-	- iceweasel <unfixed>
+	- iceweasel 24.2.0esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -4301,14 +4313,14 @@
 CVE-2013-5617
 	RESERVED
 CVE-2013-5616 (Use-after-free vulnerability in the ...)
-	- iceweasel <unfixed>
+	- iceweasel 24.2.0esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	[squeeze] - iceweasel <end-of-life>
 	[squeeze] - icedove <end-of-life>
 	[squeeze] - iceape <end-of-life>
 CVE-2013-5615 (The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ...)
-	- iceweasel <unfixed>
+	- iceweasel 24.2.0esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -4317,7 +4329,7 @@
 CVE-2013-5614 (Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly ...)
 	- iceweasel <not-affected> (Only affects Firefox 25)
 CVE-2013-5613 (Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove ...)
-	- iceweasel <unfixed>
+	- iceweasel 24.2.0esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	[squeeze] - iceweasel <end-of-life>
@@ -4332,7 +4344,7 @@
 	- iceape <not-affected> (Only affects Firefox 25)
 	- icedove <not-affected> (Only affects Firefox 25)
 CVE-2013-5609 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	- iceweasel <unfixed>
+	- iceweasel 24.2.0esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	[squeeze] - iceweasel <end-of-life>

More information about the Secure-testing-commits mailing list