[Secure-testing-commits] r23777 - in data: CVE DSA

[Raphael Geissert]

Author: atomo64-guest
Date: 2013-09-25 13:56:02 +0000 (Wed, 25 Sep 2013)
New Revision: 23777

Modified:
   data/CVE/list
   data/DSA/list
Log:
Apparently CVE-2013-1705 *does* affect iceweasel 17


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-25 12:29:28 UTC (rev 23776)
+++ data/CVE/list	2013-09-25 13:56:02 UTC (rev 23777)
@@ -10698,8 +10698,9 @@
 	- icedove <not-affected> (Windows-specific)
 	- iceape <not-affected> (Windows-specific)
 CVE-2013-1705 (Heap-based buffer underflow in the cryptojs_interpret_key_gen_type ...)
-	- iceweasel <not-affected> (Only affects Firefox > 17)
-	- iceape <not-affected> (Only affects Firefox > 17)
+	- iceweasel 23.0-1
+	- iceape <unfixed>
+	TODO: check
 CVE-2013-1704 (Use-after-free vulnerability in the nsINode::GetParentNode function in ...)
 	- iceweasel <not-affected> (Only affects Firefox > 17)
 	- iceape <not-affected> (Only affects Firefox > 17)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2013-09-25 12:29:28 UTC (rev 23776)
+++ data/DSA/list	2013-09-25 13:56:02 UTC (rev 23777)
@@ -3,7 +3,7 @@
 	[squeeze] - pyopenssl 0.10-1+squeeze1
 	[wheezy] - pyopenssl 0.13-2+deb7u1
 [23 Sep 2013] DSA-2762-1 icedove - several
-	{CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737}
+	{CVE-2013-1705 CVE-2013-1718 CVE-2013-1722 CVE-2013-1725 CVE-2013-1730 CVE-2013-1732 CVE-2013-1735 CVE-2013-1736 CVE-2013-1737}
 	[wheezy] - icedove 17.0.9-1~deb7u1
 [19 Sep 2013] DSA-2761-1 puppet - several
 	{CVE-2013-4761 CVE-2013-4956}