[Secure-testing-commits] r36796 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Sep 23 05:32:09 UTC 2015 

Author: jmm
Date: 2015-09-23 05:32:08 +0000 (Wed, 23 Sep 2015)
New Revision: 36796

Modified:
   data/CVE/list
Log:
another iceweasel issue
fixup some n/a entries
mark libvpx as unfixed, seems likely to affect the archive version


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-09-23 05:28:28 UTC (rev 36795)
+++ data/CVE/list	2015-09-23 05:32:08 UTC (rev 36796)
@@ -257,13 +257,11 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-112/
 CVE-2015-7179
 	RESERVED
-	- iceweasel <unfixed>
-	[squeeze] - iceweasel <end-of-life>
+	- iceweasel <not-affected> (Windows-specific)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/
 CVE-2015-7178
 	RESERVED
-	- iceweasel <unfixed>
-	[squeeze] - iceweasel <end-of-life>
+	- iceweasel <not-affected> (Windows-specific)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-113/
 CVE-2015-7177
 	RESERVED
@@ -6897,6 +6895,9 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-107/
 CVE-2015-4511
 	RESERVED
+	- iceweasel <unfixed>
+	[squeeze] - iceweasel <end-of-life>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-105/
 CVE-2015-4510 [Use-after-free with shared workers and IndexedDB]
 	RESERVED
 	- iceweasel <not-affected> (Affects only 40.x)
@@ -6918,7 +6919,7 @@
 	RESERVED
 	- iceweasel <unfixed>
 	[squeeze] - iceweasel <end-of-life>
-	- libvpx <undetermined>
+	- libvpx <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-101/ 
 CVE-2015-4505 [Arbitrary file manipulation by local user through Mozilla updater]
 	RESERVED
@@ -7061,7 +7062,7 @@
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-81/
 CVE-2015-4476 [Site attribute spoofing on Android by pasting URL with unknown scheme]
 	RESERVED
-	- iceweasel <not-affected> (Affects only 40.x)
+	- iceweasel <not-affected> (Affects only Firefox on Android)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2015-99/
 CVE-2015-4475 (The mozilla::AudioSink function in Mozilla Firefox before 40.0 and ...)
 	{DSA-3333-1}

More information about the Secure-testing-commits mailing list