[Secure-testing-commits] r40248 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Mar 8 21:05:24 UTC 2016


Author: carnil
Date: 2016-03-08 21:05:24 +0000 (Tue, 08 Mar 2016)
New Revision: 40248

Modified:
   data/CVE/list
Log:
Add last batch of iceweasel issues, including graphite2 and nss

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-08 20:55:47 UTC (rev 40247)
+++ data/CVE/list	2016-03-08 21:05:24 UTC (rev 40248)
@@ -182,30 +182,69 @@
 	RESERVED
 CVE-2016-2802
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2801
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2800
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2799
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2798
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2797
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2796
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2795
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2794
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2793
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2792
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2791
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2790
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-2789
 	RESERVED
 CVE-2015-8829
@@ -2893,6 +2932,12 @@
 	RESERVED
 CVE-2016-1979
 	RESERVED
+	- iceweasel <unfixed>
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
+	- nss 2:3.21-1
+	TODO: check
 CVE-2016-1978 [Use-after-free in NSS during SSL connections in low memory]
 	RESERVED
 	- iceweasel 44.0-1
@@ -2905,6 +2950,9 @@
 	- nss 2:3.21-1
 CVE-2016-1977
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+	- graphite2 1.3.6-1
 CVE-2016-1976
 	RESERVED
 	- iceweasel <unfixed>
@@ -2921,8 +2969,15 @@
 	TODO: check WebRTC and libvpx libraries
 CVE-2016-1974
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
 CVE-2016-1973
 	RESERVED
+	- iceweasel <unfixed>
+	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
+	[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/
+	TODO: check WebRTC
 CVE-2016-1972
 	RESERVED
 	- iceweasel <unfixed>
@@ -3034,6 +3089,10 @@
 	RESERVED
 CVE-2016-1950
 	RESERVED
+	- iceweasel <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
+	- nss <unfixed>
+	NOTE: NSS fixed in 3.21.1
 CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the ...)
 	- iceweasel <unfixed>
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)




More information about the Secure-testing-commits mailing list