[Secure-testing-commits] r37543 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 3 21:47:24 UTC 2015
Author: carnil
Date: 2015-11-03 21:47:24 +0000 (Tue, 03 Nov 2015)
New Revision: 37543
Modified:
data/CVE/list
Log:
Add CVE-2015-7181/nss and CVE-2015-7183/nspr
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-03 21:43:04 UTC (rev 37542)
+++ data/CVE/list 2015-11-03 21:47:24 UTC (rev 37543)
@@ -2303,12 +2303,22 @@
CVE-2015-7184 (The fetch API implementation in Mozilla Firefox before 41.0.2 does not ...)
- iceweasel <not-affected> (Affects only Firefox later than 38)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/
-CVE-2015-7183
+CVE-2015-7183 [NSPR overflow in PL_ARENA_ALLOCATE can lead to crash (under ASAN), potential memory corruption]
RESERVED
+ - iceweasel <unfixed>
+ [squeeze] - iceweasel <end-of-life>
+ - nspr <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
+ TODO: check
CVE-2015-7182
RESERVED
-CVE-2015-7181
+CVE-2015-7181 [ASan: use-after-poison in sec_asn1d_parse_leaf()]
RESERVED
+ - iceweasel <unfixed>
+ [squeeze] - iceweasel <end-of-life>
+ - nss <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
+ TODO: check
CVE-2015-7180 (The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before ...)
{DSA-3365-1}
- iceweasel 38.3.0esr-1
More information about the Secure-testing-commits
mailing list