[Secure-testing-commits] r40595 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Mar 27 08:05:11 UTC 2016
Author: carnil
Date: 2016-03-27 08:05:11 +0000 (Sun, 27 Mar 2016)
New Revision: 40595
Modified:
data/CVE/list
Log:
brotli fixed in unstable, #817233
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-27 06:41:22 UTC (rev 40594)
+++ data/CVE/list 2016-03-27 08:05:11 UTC (rev 40595)
@@ -4906,7 +4906,7 @@
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/
- - brotli <unfixed> (bug #817233)
+ - brotli 0.3.0+dfsg-3 (bug #817233)
NOTE: https://github.com/google/brotli/commit/37a320dd81db8d546cd24a45b4c61d87b45dcade
CVE-2016-1967 (Mozilla Firefox before 45.0 does not properly restrict the ...)
- iceweasel <unfixed>
@@ -5998,7 +5998,7 @@
- chromium-browser 48.0.2564.116-1
[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)
[squeeze] - chromium-browser <end-of-life> (Not supported in Squeeze LTS)
- - brotli <unfixed> (bug #817233)
+ - brotli 0.3.0+dfsg-3 (bug #817233)
NOTE: https://codereview.chromium.org/1662313002
NOTE: https://codereview.chromium.org/1662313002/diff/1/third_party/brotli/dec/decode.c
NOTE: Same fix/change as for CVE-2016-1968
More information about the Secure-testing-commits
mailing list