[Secure-testing-commits] r35988 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Aug 11 21:09:37 UTC 2015
Author: jmm
Date: 2015-08-11 21:09:37 +0000 (Tue, 11 Aug 2015)
New Revision: 35988
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
mozilla updates
take iceweasel
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-11 20:53:25 UTC (rev 35987)
+++ data/CVE/list 2015-08-11 21:09:37 UTC (rev 35988)
@@ -1117,12 +1117,6 @@
[jessie] - debian-installer <no-dsa> (Can only be fixed through point updates when new images are created)
[wheezy] - debian-installer <no-dsa> (Can only be fixed through point updates when new images are created)
[squeeze] - debian-installer <no-dsa> (Installer will not be updated)
-CVE-2015-XXXX [gdk-pixbuf heap overflow and DoS]
- - gdk-pixbuf 2.31.5-1
- NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=752297
- NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86ed5010c5a2be14f47b33bcf4ed3169a199
- NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/17/17
- TODO: check if this is CVE-2015-4491 as in mfsa2015-88
CVE-2015-5527
RESERVED
CVE-2015-5526
@@ -3554,7 +3548,7 @@
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1179262
TODO: check if exploitable as well for pdf.js and needs an update
CVE-2015-4494 (Mozilla Firefox OS before 2.2 does not require the wifi-manage ...)
- TODO: check
+ NOT-FOR-US: Firefox OS
CVE-2015-4493
RESERVED
- iceweasel <unfixed>
@@ -3565,10 +3559,12 @@
- iceweasel <unfixed>
[squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-92/
-CVE-2015-4491
+CVE-2015-4491 [gdk-pixbuf heap overflow and DoS]
RESERVED
- - iceweasel <unfixed>
- [squeeze] - iceweasel <end-of-life>
+ - gdk-pixbuf 2.31.5-1
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=752297
+ NOTE: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86ed5010c5a2be14f47b33bcf4ed3169a199
+ NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/07/17/17
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-88/
CVE-2015-4490
RESERVED
@@ -3591,12 +3587,12 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/
CVE-2015-4486
RESERVED
- - iceweasel <unfixed>
- [squeeze] - iceweasel <end-of-life>
- - libvpx <undetermined>
+ - libvpx <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-89/
CVE-2015-4485
RESERVED
+ - libvpx <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-89/
CVE-2015-4484
RESERVED
- iceweasel <unfixed>
@@ -3608,9 +3604,8 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-86/
CVE-2015-4482
RESERVED
- - iceweasel <undetermined>
+ - iceweasel <not-affected> (Updater not used in Debian)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-85/
- TODO: check
CVE-2015-4481
RESERVED
- iceweasel <not-affected> (Only affects Firefox on Windows)
@@ -3648,7 +3643,7 @@
CVE-2015-4473 [Miscellaneous memory safety hazards]
RESERVED
- iceweasel <unfixed>
- [squeeze] - iceweasel <end-of-life>
+ [squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-79/
CVE-2015-4466
RESERVED
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2015-08-11 20:53:25 UTC (rev 35987)
+++ data/dsa-needed.txt 2015-08-11 21:09:37 UTC (rev 35988)
@@ -29,7 +29,7 @@
--
gnutls28/stable (carnil)
--
-iceweasel
+iceweasel (jmm)
--
icu (ghedo)
--
More information about the Secure-testing-commits
mailing list