[Secure-testing-commits] r44786 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-09-21 12:49:55 +0000 (Wed, 21 Sep 2016)
New Revision: 44786

Modified:
   data/CVE/list
Log:
Slight update for CVE-2016-5261 and CVE-2016-5250, add references for respective fixed versions

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-09-21 09:10:12 UTC (rev 44785)
+++ data/CVE/list	2016-09-21 12:49:55 UTC (rev 44786)
@@ -9445,9 +9445,10 @@
 	- firefox-esr 45.3.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-76/
 CVE-2016-5261 (Integer overflow in the WebSocketChannel class in the WebSockets ...)
-	- firefox <not-affected> (Only affects Firefox ESR)
-	- firefox-esr 45.3.0esr-1
-	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-75/
+	- firefox 48.0-1
+	- firefox-esr 45.4.0esr-1
+	NOTE: For Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2016-75/
+	NOTE: For Firefox https://www.mozilla.org/security/advisories/mfsa2016-86/
 CVE-2016-5260 (Mozilla Firefox before 48.0 mishandles changes from 'INPUT ...)
 	- firefox 48.0-1
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
@@ -9495,9 +9496,10 @@
 	- firefox-esr <not-affected> (Doesn't affect Firefox ESR)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-66/
 CVE-2016-5250 (Mozilla Firefox before 48.0 allows remote attackers to obtain ...)
-	- firefox <not-affected> (Only affects Firefox ESR)
+	- firefox 48.0-1
 	- firefox-esr 45.4.0esr-1
-	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-84/
+	NOTE: For Firefox: https://www.mozilla.org/en-US/security/advisories/mfsa2016-84/
+	NOTE: For Firefox ESR: https://www.mozilla.org/en-US/security/advisories/mfsa2016-86/
 CVE-2016-5249 (Lenovo Solution Center (LSC) before 3.3.003 allows local users to ...)
 	NOT-FOR-US: Lenovo
 CVE-2016-5248 (The StopProxy command in LSC.Services.SystemService in Lenovo Solution ...)