[Secure-testing-commits] r46690 - data/CVE
Micha Lenk
micha at moszumanska.debian.org
Thu Dec 1 21:26:02 UTC 2016
Author: micha
Date: 2016-12-01 21:26:01 +0000 (Thu, 01 Dec 2016)
New Revision: 46690
Modified:
data/CVE/list
Log:
/data/CVE/list: setting security level 'high', according to Mozilla an exploit is already in use in the wild
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-01 21:10:11 UTC (rev 46689)
+++ data/CVE/list 2016-12-01 21:26:01 UTC (rev 46690)
@@ -3170,8 +3170,8 @@
CVE-2016-9079 [SVG Animation Remote Code Execution]
RESERVED
{DSA-3728-1}
- - firefox 50.0.2-1
- - firefox-esr 45.5.1esr-1
+ - firefox 50.0.2-1 (high)
+ - firefox-esr 45.5.1esr-1 (high)
- icedove 1:45.5.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/#CVE-2016-9079
CVE-2016-9078 [data: URL can inherit wrong origin after an HTTP redirect]
More information about the Secure-testing-commits
mailing list