[Secure-testing-commits] r37969 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Nov 29 07:03:32 UTC 2015
Author: carnil
Date: 2015-11-29 07:03:32 +0000 (Sun, 29 Nov 2015)
New Revision: 37969
Modified:
data/CVE/list
Log:
Update some CVEs affecting icedove
Note for reviewers: doublecheck if complete with the latest Thunderbird
38.4.0 release.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-29 06:48:09 UTC (rev 37968)
+++ data/CVE/list 2015-11-29 07:03:32 UTC (rev 37969)
@@ -3110,21 +3110,29 @@
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
CVE-2015-7199 (The (1) AddWeightedPathSegLists and (2) ...)
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
CVE-2015-7198 (Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in ...)
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-131/
CVE-2015-7197 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 ...)
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-132/
CVE-2015-7196 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a ...)
{DSA-3393-1}
@@ -3138,11 +3146,15 @@
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-128/
CVE-2015-7193 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 ...)
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-127/
CVE-2015-7192 (The accessibility-tools feature in Mozilla Firefox before 42.0 on OS X ...)
- iceweasel <not-affected> (Only affects Firefox on MacOS)
@@ -3157,11 +3169,15 @@
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-123/
CVE-2015-7188 (Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow ...)
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-122/
CVE-2015-7187 (The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: ...)
- iceweasel <not-affected> (ESR38 series not affected)
@@ -3200,6 +3216,8 @@
NOTE: http://hg.mozilla.org/projects/nss/rev/b4feb2cb0ed6
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
CVE-2015-7181 (The sec_asn1d_parse_leaf function in Mozilla Network Security Services ...)
{DSA-3393-1}
@@ -3208,6 +3226,8 @@
NOTE: http://hg.mozilla.org/projects/nss/rev/25cb033147fd
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - icedove <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-133/
CVE-2015-7180 (The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before ...)
{DSA-3365-1}
@@ -10217,6 +10237,8 @@
{DSA-3393-1}
- iceweasel 38.4.0esr-1
[squeeze] - iceweasel <end-of-life>
+ - icedove 38.4.0-1
+ [squeeze] - iceweasel <end-of-life>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-116/
CVE-2015-4512 (gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux ...)
- iceweasel <not-affected> (Affects only 40.x)
More information about the Secure-testing-commits
mailing list