[Secure-testing-commits] r40248 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 8 21:05:24 UTC 2016
Author: carnil
Date: 2016-03-08 21:05:24 +0000 (Tue, 08 Mar 2016)
New Revision: 40248
Modified:
data/CVE/list
Log:
Add last batch of iceweasel issues, including graphite2 and nss
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-08 20:55:47 UTC (rev 40247)
+++ data/CVE/list 2016-03-08 21:05:24 UTC (rev 40248)
@@ -182,30 +182,69 @@
RESERVED
CVE-2016-2802
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2801
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2800
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2799
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2798
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2797
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2796
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2795
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2794
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2793
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2792
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2791
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2790
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-2789
RESERVED
CVE-2015-8829
@@ -2893,6 +2932,12 @@
RESERVED
CVE-2016-1979
RESERVED
+ - iceweasel <unfixed>
+ [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
+ [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
+ - nss 2:3.21-1
+ TODO: check
CVE-2016-1978 [Use-after-free in NSS during SSL connections in low memory]
RESERVED
- iceweasel 44.0-1
@@ -2905,6 +2950,9 @@
- nss 2:3.21-1
CVE-2016-1977
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
+ - graphite2 1.3.6-1
CVE-2016-1976
RESERVED
- iceweasel <unfixed>
@@ -2921,8 +2969,15 @@
TODO: check WebRTC and libvpx libraries
CVE-2016-1974
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
CVE-2016-1973
RESERVED
+ - iceweasel <unfixed>
+ [jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
+ [wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/
+ TODO: check WebRTC
CVE-2016-1972
RESERVED
- iceweasel <unfixed>
@@ -3034,6 +3089,10 @@
RESERVED
CVE-2016-1950
RESERVED
+ - iceweasel <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
+ - nss <unfixed>
+ NOTE: NSS fixed in 3.21.1
CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the ...)
- iceweasel <unfixed>
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
More information about the Secure-testing-commits
mailing list