[Secure-testing-commits] r35416 - in data: . CVE

Guido Guenther agx at moszumanska.debian.org
Fri Jul 10 13:28:23 UTC 2015


Author: agx
Date: 2015-07-10 13:28:23 +0000 (Fri, 10 Jul 2015)
New Revision: 35416

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
nss/squeeze is affected by CVE-2015-2721 CVE-2015-2721 CVE-2015-4000

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-10 12:32:08 UTC (rev 35415)
+++ data/CVE/list	2015-07-10 13:28:23 UTC (rev 35416)
@@ -7205,6 +7205,10 @@
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox 38 and later)
 	[squeeze] - iceweasel <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-64/
+	NOTE: The bug referenced in the above advisory is restricted but these
+	NOTE: commits reference it
+	NOTE: https://hg.mozilla.org/projects/nss/rev/fc6870938172
+	NOTE: https://hg.mozilla.org/projects/nss/rev/2c05e861ce07
 CVE-2015-2729 (The AudioParamTimeline::AudioNodeInputValue function in the Web Audio ...)
 	- iceweasel 38.1.0esr-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 38 and later)

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2015-07-10 12:32:08 UTC (rev 35415)
+++ data/dla-needed.txt	2015-07-10 13:28:23 UTC (rev 35416)
@@ -28,6 +28,8 @@
 --
 netty
 --
+nss
+--
 openhpi
   NOTE: same version in squeeze-lts as in wheezy etc
   need for action depends on results of:




More information about the Secure-testing-commits mailing list