[Secure-testing-commits] r40245 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 8 20:38:36 UTC 2016


Author: carnil
Date: 2016-03-08 20:38:36 +0000 (Tue, 08 Mar 2016)
New Revision: 40245

Modified:
   data/CVE/list
Log:
Add CVE-2016-1978

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-08 19:54:14 UTC (rev 40244)
+++ data/CVE/list	2016-03-08 20:38:36 UTC (rev 40245)
@@ -2893,8 +2893,16 @@
 	RESERVED
 CVE-2016-1979
 	RESERVED
-CVE-2016-1978
+CVE-2016-1978 [Use-after-free in NSS during SSL connections in low memory]
 	RESERVED
+	- iceweasel 44.0-1
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
+        NOTE: Marked as fixed in 44.0-1 which would be the version fixing
+        NOTE: the issue while using the bundled nss version. iceweasel for
+        NOTE: unstable though used the system library.
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-15/
+	- nss 2:3.21-1
 CVE-2016-1977
 	RESERVED
 CVE-2016-1976




More information about the Secure-testing-commits mailing list