[Secure-testing-commits] r22132 - data/CVE
Moritz Muehlenhoff
jmm at alioth.debian.org
Thu May 2 09:51:06 UTC 2013
Author: jmm
Date: 2013-05-02 09:51:05 +0000 (Thu, 02 May 2013)
New Revision: 22132
Modified:
data/CVE/list
Log:
mozilla updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-02 09:26:55 UTC (rev 22131)
+++ data/CVE/list 2013-05-02 09:51:05 UTC (rev 22132)
@@ -5880,43 +5880,54 @@
CVE-2013-0801
RESERVED
CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
- - pixmain <unfixed>
+ - pixman <unfixed>
- iceweasel <unfixed>
- icedove <unfixed>
- iceape <unfixed>
- - wine-gecko <unfixed>
- TODO: check
+ - wine-gecko <unfixed> (unimportant)
+ TODO: check, whether ice* are affected, xulrunner links against system copy of pixman
CVE-2013-0799 (Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox ...)
- NOT-FOR-US: Mozilla Maintenance Service (Windows only)
+ - iceweasel <not-affected> (Only affects Firefox on Windows)
CVE-2013-0798 (Mozilla Firefox before 20.0 on Android uses world-writable and ...)
- NOT-FOR-US: Mozilla Firefox on Android
+ - iceweasel <not-affected> (Only affects Firefox on Android)
CVE-2013-0797 (Untrusted search path vulnerability in the Mozilla Updater in Mozilla ...)
- NOT-FOR-US: Mozilla Updater
+ - iceweasel <not-affected> (Only affects Firefox on Windows)
CVE-2013-0796 (The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x ...)
- iceweasel <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
NOTE: fixed in experimental 20.0-1
CVE-2013-0795 (The System Only Wrapper (SOW) implementation in Mozilla Firefox before ...)
+ - icedove <unfixed>
+ - iceape <unfixed>
- iceweasel <unfixed>
NOTE: fixed in experimental 20.0-1
CVE-2013-0794 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent ...)
- - iceweasel <unfixed>
+ - iceweasel <unfixed> (low)
+ - iceape <unfixed> (low)
NOTE: fixed in experimental 20.0-1
CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
- iceweasel <unfixed>
+ - icedove <unfixed>
+ - iceape <unfixed>
NOTE: fixed in experimental 20.0-1
CVE-2013-0792 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when ...)
- - iceweasel <unfixed>
+ - iceweasel <unfixed> (low)
+ - iceape <unfixed> (low)
NOTE: fixed in experimental 20.0-1
CVE-2013-0791 (The CERT_DecodeCertPackage function in Mozilla Network Security ...)
- nss 2:3.14.3-1 (unimportant)
NOTE: client crash only
CVE-2013-0790 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
- NOT-FOR-US: Mozilla Firefox on Android
+ - iceweasel <not-affected> (Only affects Firefox on Android)
CVE-2013-0789 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- - iceweasel <unfixed>
- NOTE: fixed in experimental 20.0-1
+ - iceweasel <not-affected> (Only affects Firefox 19)
+ - icedove <not-affected> (Only affects Firefox 19)
+ - iceape <not-affected> (Only affects Firefox 19)
CVE-2013-0788 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- iceweasel <unfixed>
+ - iceape <unfixed>
+ - icedove <unfixed>
NOTE: fixed in experimental 20.0-1
CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
- iceweasel <unfixed>
More information about the Secure-testing-commits
mailing list