[Secure-testing-commits] r36655 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Sep 14 05:17:18 UTC 2015
Author: carnil
Date: 2015-09-14 05:17:17 +0000 (Mon, 14 Sep 2015)
New Revision: 36655
Modified:
data/CVE/list
Log:
Update CVE-2015-4495/pdf.js for jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-14 05:02:36 UTC (rev 36654)
+++ data/CVE/list 2015-09-14 05:17:17 UTC (rev 36655)
@@ -5866,9 +5866,10 @@
[squeeze] - iceweasel <not-affected> (Only affects 38.x ESR and 39)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/
- pdf.js 1.1.366+dfsg-1
+ [jessie] - pdf.js 1.0.907+dfsg-1+deb8u1
+ NOTE: for jessie: xul-ext-pdf.js binary package build was removed
NOTE: https://github.com/mozilla/pdf.js/commit/0b5330781c367fcbc997947adbf2bdcdf71f61bc
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1179262
- TODO: check if exploitable as well for pdf.js and needs an update
CVE-2015-4494 (Mozilla Firefox OS before 2.2 does not require the wifi-manage ...)
NOT-FOR-US: Firefox OS
CVE-2015-4493 (Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor ...)
More information about the Secure-testing-commits
mailing list