[Secure-testing-commits] r27908 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Jul 23 07:37:16 UTC 2014
Author: jmm
Date: 2014-07-23 07:37:16 +0000 (Wed, 23 Jul 2014)
New Revision: 27908
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
iceweasel updates
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-07-23 07:28:39 UTC (rev 27907)
+++ data/CVE/list 2014-07-23 07:37:16 UTC (rev 27908)
@@ -8766,25 +8766,35 @@
CVE-2014-1561 [Toolbar dialog customization event spoofing]
RESERVED
- iceweasel 31.0-1
- TODO: check, only for 31 and only icewasel
+ [wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
+ [squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-60.html
CVE-2014-1560 [Certificate parsing broken by non-standard character]
RESERVED
- iceweasel 31.0-1
- icedove <unfixed>
- TODO: check, only 31 series?
+ [wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
+ [wheezy] - icedove <not-affected> (Only affects releases after ESR24)
+ [squeeze] - iceweasel <end-of-life>
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
CVE-2014-1559 [Certificate parsing broken by non-standard character]
RESERVED
- iceweasel 31.0-1
- icedove <unfixed>
- TODO: check, only 31 series?
+ [wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
+ [wheezy] - icedove <not-affected> (Only affects releases after ESR24)
+ [squeeze] - iceweasel <end-of-life>
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
CVE-2014-1558 [Certificate parsing broken by non-standard character]
RESERVED
- iceweasel 31.0-1
- icedove <unfixed>
- TODO: check, only 31 series?
+ [wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
+ [wheezy] - icedove <not-affected> (Only affects releases after ESR24)
+ [squeeze] - iceweasel <end-of-life>
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-65.html
CVE-2014-1557 [Crash in Skia library when scaling high quality images]
RESERVED
@@ -8815,34 +8825,38 @@
RESERVED
- iceweasel 31.0-1
- icedove <unfixed>
- TODO: only 31 series?
+ [wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
+ [wheezy] - icedove <not-affected> (Only affects releases after ESR24)
+ [squeeze] - iceweasel <end-of-life>
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-66.html
CVE-2014-1551 [Use-after-free in DirectWrite font handling]
RESERVED
- - iceweasel <not-affected> (Affects only Windows plattform)
- - icedove <not-affected> (Affects only Windows plattform)
+ - iceweasel <not-affected> (Affects only Windows platform)
+ - icedove <not-affected> (Affects only Windows platform)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-59.html
- TODO: check, affects only Windows plattform
CVE-2014-1550 [Use-after-free in Web Audio due to incorrect control message ordering]
RESERVED
- iceweasel 31.0-1
+ [wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
+ [wheezy] - icedove <not-affected> (Only affects releases after ESR24)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-58.html
- TODO: check
CVE-2014-1549 [Buffer overflow during Web Audio buffering for playback]
RESERVED
- iceweasel 31.0-1
+ [wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
+ [wheezy] - icedove <not-affected> (Only affects releases after ESR24)
NOTE: https://www.mozilla.org/security/announce/2014/mfsa2014-57.html
- TODO: check
CVE-2014-1548
RESERVED
- iceweasel 31.0-1
- [wheezy] - iceweasel <not-affected> (related to fixes in 31.0)
+ [wheezy] - iceweasel <not-affected> (Only affects releases after ESR24)
[squeeze] - iceweasel <end-of-life>
CVE-2014-1547 [Miscellaneous memory safety hazards]
RESERVED
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2014-07-23 07:28:39 UTC (rev 27907)
+++ data/dsa-needed.txt 2014-07-23 07:37:16 UTC (rev 27908)
@@ -25,7 +25,7 @@
--
icedove
--
-iceweasel
+iceweasel (jmm)
--
liblivemedia (geissert)
--
More information about the Secure-testing-commits
mailing list