[Secure-testing-commits] r35287 - data/CVE

Fri Jul 3 07:34:44 UTC 2015

Author: jmm
Date: 2015-07-03 07:34:44 +0000 (Fri, 03 Jul 2015)
New Revision: 35287

Modified:
   data/CVE/list
Log:
iceweasel updates


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2015-07-03 04:49:01 UTC (rev 35286)
+++ data/CVE/list	2015-07-03 07:34:44 UTC (rev 35287)
@@ -2574,6 +2574,7 @@
 CVE-2015-4000 (The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is ...)
 	{DSA-3287-1}
 	- openssl <unfixed>
+	- nss <unfixed>
 	NOTE: CVE assigned specific to vulnerability in the TLS protocol that was
 	NOTE: disclosed in section 3.2 of the
 	NOTE: https://weakdh.org/imperfect-forward-secrecy.pdf paper.
@@ -6179,8 +6180,12 @@
 	RESERVED
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
+	[jessie] - icedove <not-affected> (Only affects Thunderbird 38 and later)
+	[wheezy] - icedove <not-affected> (Only affects Thunderbird 38 and later)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-67/
 CVE-2015-2740
 	RESERVED
@@ -6234,6 +6239,8 @@
 CVE-2015-2733
 	RESERVED
 	- iceweasel <unfixed>
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
 CVE-2015-2732
@@ -6248,12 +6255,16 @@
 CVE-2015-2730
 	RESERVED
 	- nss 2:3.19.1-1
-	- iceweasel <not-affected> (uses system nss)
+	- iceweasel <unfixed>
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/
 CVE-2015-2729
 	RESERVED
 	- iceweasel <unfixed>
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-62/
 CVE-2015-2728
@@ -6264,6 +6275,8 @@
 CVE-2015-2727
 	RESERVED
 	- iceweasel <unfixed>
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-60/
 	TODO: check
@@ -6294,6 +6307,8 @@
 CVE-2015-2722
 	RESERVED
 	- iceweasel <unfixed>
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-65/
 CVE-2015-2721


