[Secure-testing-commits] r36788 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Sep 22 19:40:18 UTC 2015
Author: carnil
Date: 2015-09-22 19:40:18 +0000 (Tue, 22 Sep 2015)
New Revision: 36788
Modified:
data/CVE/list
Log:
More iceweasel issues, please double check CVE/list entries
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-09-22 19:33:26 UTC (rev 36787)
+++ data/CVE/list 2015-09-22 19:40:18 UTC (rev 36788)
@@ -6847,22 +6847,51 @@
RESERVED
CVE-2015-4513
RESERVED
-CVE-2015-4512
+CVE-2015-4512 [Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems]
RESERVED
+ - iceweasel <unfixed>
+ [jessie] - iceweasel <not-affected> (Affects only 40.x)
+ [wheezy] - iceweasel <not-affected> (Affects only 40.x)
+ [squeeze] - iceweasel <not-affected> (Affects only 40.x)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-107/
CVE-2015-4511
RESERVED
-CVE-2015-4510
+CVE-2015-4510 [Use-after-free with shared workers and IndexedDB]
RESERVED
-CVE-2015-4509
+ - iceweasel <unfixed>
+ [jessie] - iceweasel <not-affected> (Affects only 40.x)
+ [wheezy] - iceweasel <not-affected> (Affects only 40.x)
+ [squeeze] - iceweasel <not-affected> (Affects only 40.x)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-104/
+CVE-2015-4509 [Use-after-free while manipulating HTML media content]
RESERVED
-CVE-2015-4508
+ - iceweasel <unfixed>
+ [squeeze] - iceweasel <end-of-life>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-106/
+CVE-2015-4508 [URL spoofing in reader mode]
RESERVED
-CVE-2015-4507
+ - iceweasel <unfixed>
+ [jessie] - iceweasel <not-affected> (Affects only 40.x)
+ [wheezy] - iceweasel <not-affected> (Affects only 40.x)
+ [squeeze] - iceweasel <not-affected> (Affects only 40.x)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-103/
+CVE-2015-4507 [Crash when using debugger with SavedStacks in JavaScript]
RESERVED
-CVE-2015-4506
+ - iceweasel <unfixed>
+ [jessie] - iceweasel <not-affected> (Affects only 40.x)
+ [wheezy] - iceweasel <not-affected> (Affects only 40.x)
+ [squeeze] - iceweasel <not-affected> (Affects only 40.x)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-102/
+CVE-2015-4506 [Buffer overflow in libvpx while parsing vp9 format video]
RESERVED
-CVE-2015-4505
+ - iceweasel <unfixed>
+ [squeeze] - iceweasel <end-of-life>
+ - libvpx <undetermined>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-101/
+CVE-2015-4505 [Arbitrary file manipulation by local user through Mozilla updater]
RESERVED
+ - iceweasel <not-affected> (Windows-specific)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-100/
CVE-2015-4504 [Out of bounds read in QCMS library with ICC V4 profile attributes]
RESERVED
- iceweasel <unfixed>
@@ -6877,8 +6906,13 @@
[wheezy] - iceweasel <not-affected> (Affects only 40.x)
[squeeze] - iceweasel <not-affected> (Affects only 40.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-97/
-CVE-2015-4502
+CVE-2015-4502 [Scripted proxies can access inner window]
RESERVED
+ - iceweasel <unfixed>
+ [jessie] - iceweasel <not-affected> (Affects only 40.x)
+ [wheezy] - iceweasel <not-affected> (Affects only 40.x)
+ [squeeze] - iceweasel <not-affected> (Affects only 40.x)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-108/
CVE-2015-4501 [Miscellaneous memory safety hazards]
RESERVED
- iceweasel <unfixed>
More information about the Secure-testing-commits
mailing list