[Secure-testing-commits] r24769 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Dec 16 16:10:32 UTC 2013
Author: jmm
Date: 2013-12-16 16:10:32 +0000 (Mon, 16 Dec 2013)
New Revision: 24769
Modified:
data/CVE/list
Log:
iceape eol
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-12-16 15:58:50 UTC (rev 24768)
+++ data/CVE/list 2013-12-16 16:10:32 UTC (rev 24769)
@@ -1739,8 +1739,10 @@
- icedove <unfixed>
- iceape <unfixed>
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-6672 (Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow ...)
- iceweasel <not-affected> (Only affects Firefox 25)
- iceape <not-affected> (Only affects Firefox 25)
@@ -1750,6 +1752,7 @@
- iceape <unfixed>
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
CVE-2013-6670
RESERVED
@@ -4312,6 +4315,7 @@
- icedove <unfixed>
- iceape <unfixed>
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
CVE-2013-5617
@@ -4321,6 +4325,7 @@
- icedove <unfixed>
- iceape <unfixed>
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
CVE-2013-5615 (The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ...)
@@ -4328,6 +4333,7 @@
- icedove <unfixed>
- iceape <unfixed>
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
CVE-2013-5614 (Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly ...)
@@ -4337,6 +4343,7 @@
- icedove <unfixed>
- iceape <unfixed>
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
CVE-2013-5612 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox before ...)
@@ -4352,6 +4359,7 @@
- icedove <unfixed>
- iceape <unfixed>
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
CVE-2013-5608
@@ -4369,6 +4377,7 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.10-1
[squeeze] - icedove <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
- iceape <unfixed>
CVE-2013-5603 (Use-after-free vulnerability in the ...)
@@ -4391,11 +4400,14 @@
[squeeze] - iceweasel <end-of-life>
- icedove 17.0.10-1
- iceape <unfixed>
+ [wheezy] - iceape <end-of-life>
+ [squeeze] - iceape <end-of-life>
CVE-2013-5600 (Use-after-free vulnerability in the ...)
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <unfixed>
@@ -4403,6 +4415,7 @@
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
@@ -4417,6 +4430,7 @@
{DSA-2797-1 DSA-2788-1}
- iceweasel 24.1.0esr-1
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
- icedove 17.0.10-1
@@ -4433,6 +4447,7 @@
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <unfixed>
CVE-2013-5594
@@ -4461,6 +4476,7 @@
[squeeze] - iceweasel <end-of-life>
[squeeze] - icedove <end-of-life>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
- icedove 17.0.10-1
- iceape <unfixed>
CVE-2013-5634 (arch/arm/kvm/arm.c in the Linux kernel before 3.10 on the ARM ...)
@@ -14586,6 +14602,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1735 (Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity ...)
{DSA-2762-1 DSA-2759-1}
- iceweasel 24.0-1
@@ -14594,6 +14611,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1734 (Cross-site request forgery (CSRF) vulnerability in attachment.cgi in ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
@@ -14611,6 +14629,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1731 (Untrusted search path vulnerability in the GL tracing functionality in ...)
- iceweasel <not-affected> (Android-specific)
- icedove <not-affected> (Android-specific)
@@ -14623,6 +14642,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1729 (The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA ...)
- iceweasel <not-affected> (MacOS-specific)
- icedove <not-affected> (MacOS-specific)
@@ -14649,6 +14669,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1724 (Use-after-free vulnerability in the ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
@@ -14669,6 +14690,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1721 (Integer overflow in the drawLineLoop function in the libGLESv2 library ...)
- iceweasel 24.0-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox > 17)
@@ -14694,6 +14716,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1717 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
@@ -14702,6 +14725,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1716
RESERVED
CVE-2013-1715 (Multiple untrusted search path vulnerabilities in the (1) full ...)
@@ -14714,6 +14738,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1713 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
@@ -14722,6 +14747,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1712 (Multiple untrusted search path vulnerabilities in updater.exe in ...)
- iceweasel <not-affected> (Windows-specific)
- icedove <not-affected> (Windows-specific)
@@ -14737,6 +14763,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1709 (Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, ...)
{DSA-2746-1 DSA-2735-1}
- iceweasel 17.0.8esr-1
@@ -14745,6 +14772,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1708 (Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
- iceape <not-affected> (Only affects Firefox > 17)
@@ -14777,6 +14805,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1700 (The Mozilla Maintenance Service in Mozilla Firefox before 22.0 on ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
CVE-2013-1699 (The Internationalized Domain Name (IDN) display algorithm in Mozilla ...)
@@ -14791,6 +14820,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1696 (Mozilla Firefox before 22.0 does not properly enforce the ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
CVE-2013-1695 (Mozilla Firefox before 22.0 does not properly implement certain ...)
@@ -14803,6 +14833,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1693 (The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
@@ -14811,6 +14842,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1692 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
@@ -14819,6 +14851,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1691
RESERVED
CVE-2013-1690 (Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, ...)
@@ -14830,6 +14863,7 @@
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
CVE-2013-1689
+ [wheezy] - iceape <end-of-life>
RESERVED
CVE-2013-1688 (The Profiler implementation in Mozilla Firefox before 22.0 parses ...)
- iceweasel <not-affected> (Only affects Firefox > 17)
@@ -14841,6 +14875,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1686 (Use-after-free vulnerability in the mozilla::ResetDir function in ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
@@ -14849,6 +14884,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1685 (Use-after-free vulnerability in the nsIDocument::GetRootElement ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
@@ -14857,6 +14893,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1684 (Use-after-free vulnerability in the ...)
{DSA-2720-1 DSA-2716-1}
- iceweasel 17.0.7esr-1
@@ -14865,6 +14902,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1683 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <not-affected> (Only affects Firefox 21)
- icedove <not-affected> (Only affects Firefox 21)
@@ -14877,6 +14915,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1681 (Use-after-free vulnerability in the ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
@@ -14885,6 +14924,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
{DSA-2720-1 DSA-2699-1}
[squeeze] - iceweasel <end-of-life>
@@ -14893,6 +14933,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1679 (Use-after-free vulnerability in the ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
@@ -14901,6 +14942,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
@@ -14909,6 +14951,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
@@ -14917,6 +14960,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
@@ -14925,6 +14969,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
@@ -14933,6 +14978,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ...)
{DSA-2720-1 DSA-2699-1}
- iceweasel 17.0.6esr-1
@@ -14941,6 +14987,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-1673 (The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not ...)
- iceweasel <not-affected> (Windows build only)
CVE-2013-1672 (The Mozilla Maintenance Service in Mozilla Firefox before 21.0, ...)
@@ -17231,6 +17278,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1
@@ -17239,6 +17287,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
- wine-gecko-1.4 <unfixed> (unimportant)
NOTE: The description is misleading: Firefox embeds a copy of Cairo, the interdiff
NOTE: shows the respective change at mozilla-esr17/gfx/cairo/cairo/src/cairo-image-surface.c
@@ -17257,6 +17306,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
{DSA-2720-1 DSA-2699-1}
- icedove 17.0.7-1
@@ -17265,11 +17315,13 @@
[squeeze] - iceape <end-of-life>
- iceweasel 17.0.5esr-1
[squeeze] - iceweasel <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0794 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent ...)
- iceweasel 17.0.5esr-1 (low)
[squeeze] - iceweasel <end-of-life>
- iceape <unfixed> (low)
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1
@@ -17278,11 +17330,13 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0792 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when ...)
- iceweasel 17.0.5esr-1 (low)
[squeeze] - iceweasel <end-of-life>
- iceape <unfixed> (low)
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0791 (The CERT_DecodeCertPackage function in Mozilla Network Security ...)
- nss 2:3.14.3-1 (unimportant)
NOTE: client crash only
@@ -17300,6 +17354,7 @@
[squeeze] - iceape <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
{DSA-2699-1}
[squeeze] - iceweasel <end-of-life>
@@ -17308,6 +17363,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0786 (The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
@@ -17328,6 +17384,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
@@ -17336,6 +17393,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0781 (Use-after-free vulnerability in the nsPrintEngine::CommonPrint ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -17348,6 +17406,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0779 (The nsCodingStateMachine::NextState function in Mozilla Firefox before ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -17368,6 +17427,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0775 (Use-after-free vulnerability in the ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
@@ -17376,6 +17436,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0774 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
- iceape <not-affected> (Introduced in Firefox 15)
- iceweasel <not-affected> (Introduced in Firefox 15)
@@ -17388,6 +17449,7 @@
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
[squeeze] - iceape <end-of-life>
+ [wheezy] - iceape <end-of-life>
CVE-2013-0772 (The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
More information about the Secure-testing-commits
mailing list