[Secure-testing-commits] r33304 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 31 19:21:09 UTC 2015


Author: carnil
Date: 2015-03-31 19:21:09 +0000 (Tue, 31 Mar 2015)
New Revision: 33304

Modified:
   data/CVE/list
Log:
Add CVE-2015-0800 and CVE-2012-2808, only affects Firefox on Android

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-31 19:20:11 UTC (rev 33303)
+++ data/CVE/list	2015-03-31 19:21:09 UTC (rev 33304)
@@ -5909,8 +5909,10 @@
 	- icedove <unfixed>
 	[squeeze] - icedove <end-of-life>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-40/
-CVE-2015-0800
+CVE-2015-0800 [PRNG weakness allows for DNS poisoning on Android]
 	RESERVED
+	- iceweasel <not-affected> (Only affects 37.x; only on Android)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
 CVE-2015-0799
 	RESERVED
 CVE-2015-0798
@@ -62458,8 +62460,10 @@
 	RESERVED
 CVE-2012-2809
 	RESERVED
-CVE-2012-2808
+CVE-2012-2808 [PRNG weakness allows for DNS poisoning on Android]
 	RESERVED
+	- iceweasel <not-affected> (Only affects 37.x; only on Android)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
 CVE-2012-2807 (Multiple integer overflows in libxml2, as used in Google Chrome before ...)
 	{DSA-2521-1}
 	- libxml2 2.8.0+dfsg1-5 (bug #679280)




More information about the Secure-testing-commits mailing list