[Secure-testing-commits] r36503 - data/CVE
Scott Kitterman
kitterman at moszumanska.debian.org
Sat Sep 5 16:58:01 UTC 2015
Author: kitterman
Date: 2015-09-05 16:58:01 +0000 (Sat, 05 Sep 2015)
New Revision: 36503
Modified:
data/CVE/list
Log:
Mark wheezy/squeeze libvpx not affected by CVE-2015-4485/CVE-2015-4486 due to vulnerable code not being present.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-05 16:47:02 UTC (rev 36502)
+++ data/CVE/list 2015-09-05 16:58:01 UTC (rev 36503)
@@ -5734,10 +5734,14 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-90/
CVE-2015-4486 (The decrease_ref_count function in libvpx in Mozilla Firefox before ...)
- libvpx 1.4.0-1
+ [wheezy] - libvpx <not-affected> (Vulnerale code not present)
+ [squeeze] - libvpx <not-affected> (Vulnerale code not present)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-89/
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1177948 is restricted
CVE-2015-4485 (Heap-based buffer overflow in the resize_context_buffers function in ...)
- libvpx 1.4.0-1
+ [wheezy] - libvpx <not-affected> (Vulnerale code not present)
+ [squeeze] - libvpx <not-affected> (Vulnerale code not present)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-89/
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1178148 is restricted
CVE-2015-4484 (The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript ...)
More information about the Secure-testing-commits
mailing list