[Secure-testing-commits] r22626 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Sun Jun 16 17:32:20 UTC 2013
Author: jmm
Date: 2013-06-16 17:32:20 +0000 (Sun, 16 Jun 2013)
New Revision: 22626
Modified:
data/CVE/list
Log:
end-of-life for iceape
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-06-16 17:26:41 UTC (rev 22625)
+++ data/CVE/list 2013-06-16 17:32:20 UTC (rev 22626)
@@ -7007,48 +7007,56 @@
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1680 (Use-after-free vulnerability in the nsFrameList::FirstChild function ...)
{DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1679 (Use-after-free vulnerability in the ...)
{DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1678 (The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before ...)
{DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1677 (The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox ...)
{DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1676 (The SelectionIterator::GetNextSegment function in Mozilla Firefox ...)
{DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1675 (Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, ...)
{DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1674 (Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ...)
{DSA-2699-1}
- iceweasel 17.0.6esr-1
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1673 (The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not ...)
- iceweasel <not-affected> (Windows build only)
CVE-2013-1672 (The Mozilla Maintenance Service in Mozilla Firefox before 21.0, ...)
@@ -7065,6 +7073,7 @@
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-1669 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel 17.0.6esr-1
[wheezy] - iceweasel <not-affected> (Only affects Firefox 20)
@@ -9344,12 +9353,14 @@
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
- wine-gecko-1.4 <unfixed> (unimportant)
NOTE: The description is misleading: Firefox embeds a copy of Cairo, the interdiff
NOTE: shows the respective change at mozilla-esr17/gfx/cairo/cairo/src/cairo-image-surface.c
@@ -9366,24 +9377,29 @@
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
{DSA-2699-1}
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
- iceweasel 17.0.5esr-1
CVE-2013-0794 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent ...)
- iceweasel 17.0.5esr-1 (low)
- iceape <unfixed> (low)
+ [squeeze] - iceape <end-of-life>
CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
CVE-2013-0792 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when ...)
- iceweasel 17.0.5esr-1 (low)
- iceape <unfixed> (low)
+ [squeeze] - iceape <end-of-life>
CVE-2013-0791 (The CERT_DecodeCertPackage function in Mozilla Network Security ...)
- nss 2:3.14.3-1 (unimportant)
NOTE: client crash only
@@ -9397,6 +9413,7 @@
{DSA-2699-1}
- iceweasel 17.0.5esr-1
- iceape <unfixed>
+ [squeeze] - iceape <end-of-life>
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
@@ -9405,7 +9422,7 @@
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
- NOTE: Fixed in experimental in 19.0.2-1, update when enters unstable
+ [squeeze] - iceape <end-of-life>
CVE-2013-0786 (The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x ...)
- bugzilla <removed> (low)
[squeeze] - bugzilla <no-dsa> (Minor issue)
@@ -9424,14 +9441,14 @@
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
- NOTE: Fixed in experimental in 19.0-1, update when enters unstable
+ [squeeze] - iceape <end-of-life>
CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
- NOTE: Fixed in experimental in 19.0-1, update when enters unstable
+ [squeeze] - iceape <end-of-life>
CVE-2013-0781 (Use-after-free vulnerability in the nsPrintEngine::CommonPrint ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9442,7 +9459,7 @@
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
- NOTE: Fixed in experimental in 19.0-1, update when enters unstable
+ [squeeze] - iceape <end-of-life>
CVE-2013-0779 (The nsCodingStateMachine::NextState function in Mozilla Firefox before ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9461,14 +9478,14 @@
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
- NOTE: Fixed in experimental in 19.0-1, update when enters unstable
+ [squeeze] - iceape <end-of-life>
CVE-2013-0775 (Use-after-free vulnerability in the ...)
{DSA-2699-1}
- iceweasel 17.0.5esr-1 (bug #703071)
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
- NOTE: Fixed in experimental in 19.0-1, update when enters unstable
+ [squeeze] - iceape <end-of-life>
CVE-2013-0774 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
- iceape <not-affected> (Introduced in Firefox 15)
- iceweasel <not-affected> (Introduced in Firefox 15)
@@ -9479,7 +9496,7 @@
- icedove 17.0.5-1
[squeeze] - icedove <end-of-life>
- iceape <unfixed>
- NOTE: Fixed in experimental in 19.0-1, update when enters unstable
+ [squeeze] - iceape <end-of-life>
CVE-2013-0772 (The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9497,6 +9514,7 @@
- icedove 10.0.12-1
[squeeze] - icedove <end-of-life>
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0768 (Stack-based buffer overflow in the Canvas implementation in Mozilla ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9506,11 +9524,13 @@
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0766 (Use-after-free vulnerability in the ~nsHTMLEditRules implementation in ...)
- iceweasel 10.0.12esr-1
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0765 (Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9528,6 +9548,7 @@
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0761 (Use-after-free vulnerability in the ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9541,11 +9562,13 @@
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0758 (Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x ...)
- iceweasel 10.0.12esr-1
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0757 (The Chrome Object Wrapper (COW) implementation in Mozilla Firefox ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9563,11 +9586,13 @@
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0753 (Use-after-free vulnerability in the serializeToStream implementation ...)
- iceweasel 10.0.12esr-1
- icedove 10.0.12-1
[squeeze] - icedove <end-of-life>
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0752 (Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9581,6 +9606,7 @@
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0749 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9590,6 +9616,7 @@
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0747 (The gPluginHandler.handleEvent function in the plugin handler in ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9599,6 +9626,7 @@
[squeeze] - icedove <end-of-life>
- icedove 10.0.12-1
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0745 (The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ...)
- iceape <not-affected> (Doesn't affect the ESR series, only releases from experimental)
- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
@@ -9608,6 +9636,7 @@
- icedove 10.0.12-1
[squeeze] - icedove <end-of-life>
- iceape 2.7.12-1
+ [squeeze] - iceape <end-of-life>
CVE-2013-0743 [nss: Dis-trust TURKTRUST mis-issued *.google.com certificate]
REJECTED
{DSA-2599-1}
More information about the Secure-testing-commits
mailing list