[Secure-testing-commits] r22173 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Mon May 6 06:07:58 UTC 2013 

Author: jmm
Date: 2013-05-06 06:07:58 +0000 (Mon, 06 May 2013)
New Revision: 22173

Modified:
   data/CVE/list
Log:
recent iceweasel upload fixed additional IDs
kernel updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-05-05 12:47:27 UTC (rev 22172)
+++ data/CVE/list	2013-05-06 06:07:58 UTC (rev 22173)
@@ -107,9 +107,9 @@
 CVE-2013-3270
 	RESERVED
 CVE-2013-3302 (Race condition in the smb_send_rqst function in fs/cifs/transport.c in ...)
-	- linux-2.6 <removed>
+	- linux-2.6 <not-affected> (Introduced in 3.7)
 	- linux <unfixed>
-	NOTE: https://git.kernel.org/linus/ea702b80e0bbb2448e201472127288beb82ca2fe
+	[wheezy] - linux <not-affected> (Introduced in 3.7)
 CVE-2013-3301 (The ftrace implementation in the Linux kernel before 3.8.8 allows ...)
 	- linux-2.6 <removed> (low)
 	- linux <unfixed> (low)
@@ -5650,6 +5650,7 @@
 CVE-2013-0913 (Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the ...)
 	- linux 3.2.41-2
 	- linux-2.6 <removed>
+	[squeeze] - linux-2.6 <not-affected> (Vulnerable code was introduced later)
 CVE-2013-0912 (WebKit in Google Chrome before 25.0.1364.160 allows remote attackers ...)
 	- chromium-browser 25.0.1364.160-1
 CVE-2013-0911 (Directory traversal vulnerability in Google Chrome before ...)
@@ -5900,7 +5901,7 @@
 	RESERVED
 CVE-2013-0800 (Integer signedness error in the pixman_fill_sse2 function in ...)
 	- pixman <unfixed>
-	- iceweasel <unfixed>
+	- iceweasel 17.0.5esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	- wine-gecko-1.4 <unfixed> (unimportant)
@@ -5920,17 +5921,15 @@
 	- iceape <unfixed>
 	- iceweasel 17.0.5esr-1
 CVE-2013-0794 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent ...)
-	- iceweasel <unfixed> (low)
+	- iceweasel 17.0.5esr-1 (low)
 	- iceape <unfixed> (low)
-	NOTE: fixed in experimental 20.0-1
 CVE-2013-0793 (Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, ...)
 	- iceweasel 17.0.5esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 CVE-2013-0792 (Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when ...)
-	- iceweasel <unfixed> (low)
+	- iceweasel 17.0.5esr-1 (low)
 	- iceape <unfixed> (low)
-	NOTE: fixed in experimental 20.0-1
 CVE-2013-0791 (The CERT_DecodeCertPackage function in Mozilla Network Security ...)
 	- nss 2:3.14.3-1 (unimportant)
 	NOTE: client crash only
@@ -5945,7 +5944,7 @@
 	- iceape <unfixed>
 	- icedove <unfixed>
 CVE-2013-0787 (Use-after-free vulnerability in the nsEditor::IsPreformatted function ...)
-	- iceweasel <unfixed>
+	- iceweasel 17.0.5esr-1
 	- icedove <unfixed>
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0.2-1, update when enters unstable
@@ -5962,12 +5961,12 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0783 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	- iceweasel <unfixed> (bug #703071)
+	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove <unfixed>
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
 CVE-2013-0782 (Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion ...)
-	- iceweasel <unfixed> (bug #703071)
+	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove <unfixed>
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
@@ -5976,7 +5975,7 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0780 (Use-after-free vulnerability in the ...)
-	- iceweasel <unfixed> (bug #703071)
+	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove <unfixed>
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
@@ -5993,12 +5992,12 @@
 	- iceweasel <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 	- icedove <not-affected> (Doesn't affect the ESR series, only releases from experimental)
 CVE-2013-0776 (Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, ...)
-	- iceweasel <unfixed> (bug #703071)
+	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove <unfixed>
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
 CVE-2013-0775 (Use-after-free vulnerability in the ...)
-	- iceweasel <unfixed> (bug #703071)
+	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove <unfixed>
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable
@@ -6007,7 +6006,7 @@
 	- iceweasel <not-affected> (Introduced in Firefox 15)
 	- icedove <not-affected> (Introduced in Firefox 15)
 CVE-2013-0773 (The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) ...)
-	- iceweasel <unfixed> (bug #703071)
+	- iceweasel 17.0.5esr-1 (bug #703071)
 	- icedove <unfixed>
 	- iceape <unfixed>
 	NOTE: Fixed in experimental in 19.0-1, update when enters unstable

More information about the Secure-testing-commits mailing list