[Secure-testing-commits] r33371 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Apr 3 21:05:04 UTC 2015


Author: carnil
Date: 2015-04-03 21:05:04 +0000 (Fri, 03 Apr 2015)
New Revision: 33371

Modified:
   data/CVE/list
Log:
Add CVE-2015-0799, not-affected but left TODO to double check

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-04-03 21:04:56 UTC (rev 33370)
+++ data/CVE/list	2015-04-03 21:05:04 UTC (rev 33371)
@@ -6029,8 +6029,11 @@
 CVE-2015-0800 (The PRNG implementation in the DNS resolver in Mozilla Firefox (aka ...)
 	- iceweasel <not-affected> (Only affects 37.x; only on Android)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
-CVE-2015-0799
+CVE-2015-0799 [Certificate verification bypass through the HTTP/2 Alt-Svc header]
 	RESERVED
+	- iceweasel <not-affected> (Only affects Firefox 37.x)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-44/
+	TODO: check
 CVE-2015-0798 [Loading privileged content through Reader mode]
 	RESERVED
 	- iceweasel <not-affected> (Only affects Firefox on Android)




More information about the Secure-testing-commits mailing list