[Secure-testing-commits] r44005 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Aug 17 08:08:02 UTC 2016
Author: jmm
Date: 2016-08-17 08:08:02 +0000 (Wed, 17 Aug 2016)
New Revision: 44005
Modified:
data/CVE/list
Log:
one firefox issue n/a
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-08-17 03:50:48 UTC (rev 44004)
+++ data/CVE/list 2016-08-17 08:08:02 UTC (rev 44005)
@@ -12260,11 +12260,10 @@
NOTE: jessie: Unprivileged users are not allowed to create user namespaces by default; aufs is not allowed to be mounted from a new user namespace by default.
NOTE: wheezy: User namespaces are non-functional.
CVE-2016-2839 (Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux ...)
- - firefox 48.0-1
- - firefox-esr 45.3.0esr-1
+ - firefox <not-affected> (Uses gstreamer-ffmpeg/libav 1.0)
+ - firefox-esr <not-affected> (Uses gstreamer-ffmpeg/libav 1.0)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-65/
NOTE: Related patches https://hg.mozilla.org/mozilla-central/log?rev=Bug+1275339
- TODO: check details, what is ffmpeg 0.10 supposed to mean?
CVE-2016-2838 (Heap-based buffer overflow in the nsBidi::BracketData::AddOpening ...)
{DSA-3640-1 DLA-585-1}
- firefox 48.0-1
More information about the Secure-testing-commits
mailing list