[Secure-testing-commits] r35826 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Sat Aug 1 21:10:14 UTC 2015
Author: sectracker
Date: 2015-08-01 21:10:14 +0000 (Sat, 01 Aug 2015)
New Revision: 35826
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-01 18:32:39 UTC (rev 35825)
+++ data/CVE/list 2015-08-01 21:10:14 UTC (rev 35826)
@@ -2191,7 +2191,7 @@
- mariadb-10.0 <undetermined>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
CVE-2015-4760 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 ...)
- {DSA-3316-1 DLA-283-1}
+ {DSA-3323-1 DSA-3316-1 DLA-283-1}
- openjdk-6 <unfixed>
- openjdk-7 7u79-2.5.6-1
- openjdk-8 8u66-b01-1
@@ -4193,7 +4193,7 @@
NOTE: https://lkml.org/lkml/2015/5/13/744
NOTE: Not enabled in Debian kernels; staging drivers are not supported
CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ...)
- {DSA-3316-1 DSA-3300-1 DSA-3287-1 DLA-247-1}
+ {DSA-3324-1 DSA-3316-1 DSA-3300-1 DSA-3287-1 DLA-247-1}
- openssl <unfixed>
- nss <unfixed>
- openjdk-6 <unfixed>
@@ -7946,49 +7946,49 @@
[wheezy] - icedove <not-affected> (Only affects Thunderbird 38 and later)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-67/
CVE-2015-2740 (Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
CVE-2015-2739 (The ArrayBufferBuilder::append function in Mozilla Firefox before ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
CVE-2015-2738 (The YCbCrImageDataDeserializer::ToDataSourceSurface function in the ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
CVE-2015-2737 (The rx::d3d11::SetBufferData function in the Direct3D 11 ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
CVE-2015-2736 (The nsZipArchive::BuildFileList function in Mozilla Firefox before ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
CVE-2015-2735 (nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
[squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-66/
CVE-2015-2734 (The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
@@ -8058,7 +8058,7 @@
[wheezy] - icedove <not-affected> (Only affects Icedove 38 and later)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-59/
CVE-2015-2724 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- iceweasel 38.1.0esr-1
[squeeze] - iceweasel <end-of-life>
- icedove <unfixed>
@@ -8073,7 +8073,7 @@
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
CVE-2015-2721 (Mozilla Network Security Services (NSS) before 3.19, as used in ...)
- {DSA-3300-1}
+ {DSA-3324-1 DSA-3300-1}
- nss 2:3.19.1-1
NOTE: NSS PATCH: https://hg.mozilla.org/projects/nss/rev/6b4770c76bc8
NOTE: NSS TESTCASE: https://hg.mozilla.org/projects/nss/rev/1865635f5df5
@@ -20604,6 +20604,7 @@
CVE-2014-8148 (The default D-Bus access control rule in Midgard2 10.05.7.1 allows ...)
- midgard2-core <unfixed> (bug #774630)
CVE-2014-8147 (The resolveImplicitLevels function in common/ubidi.c in the Unicode ...)
+ {DSA-3323-1}
- icu 52.1-9 (bug #784773)
[wheezy] - icu <not-affected> (Vulnerable code not present)
[squeeze] - icu <not-affected> (Vulnerable code not present)
@@ -20613,6 +20614,7 @@
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
NOTE: Patch: http://bugs.icu-project.org/trac/changeset/37080
CVE-2014-8146 (The resolveImplicitLevels function in common/ubidi.c in the Unicode ...)
+ {DSA-3323-1}
- icu 52.1-9 (bug #784773)
[wheezy] - icu <not-affected> (Vulnerable code not present)
[squeeze] - icu <not-affected> (Vulnerable code not present)
More information about the Secure-testing-commits
mailing list