Author: jmm Date: 2016-06-08 06:10:25 +0000 (Wed, 08 Jun 2016) New Revision: 42391
Modified: data/CVE/list Log: new firefox issues drop pycurl entry, no evidence of being exploitable Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-06-08 06:04:14 UTC (rev 42390) +++ data/CVE/list 2016-06-08 06:10:25 UTC (rev 42391) @@ -7006,32 +7006,55 @@ RESERVED CVE-2016-2834 RESERVED + - nss <unfixed> + - firefox-esr <not-affected> (Doesn't apply to Firefox ESR) + - firefox <unfixed> CVE-2016-2833 RESERVED + - firefox-esr <not-affected> (Doesn't apply to Firefox ESR) + - firefox <unfixed> CVE-2016-2832 RESERVED + - firefox-esr <not-affected> (Doesn't apply to Firefox ESR) + - firefox <unfixed> CVE-2016-2831 RESERVED + - firefox-esr <unfixed> + - firefox <unfixed> CVE-2016-2830 RESERVED CVE-2016-2829 RESERVED + - firefox-esr <not-affected> (Doesn't apply to Firefox ESR) + - firefox <unfixed> CVE-2016-2828 RESERVED + - firefox-esr <unfixed> + - firefox <unfixed> CVE-2016-2827 RESERVED CVE-2016-2826 RESERVED + - firefox-esr <not-affected> (Only affects Windows) + - firefox <not-affected> (Only affects Windows) CVE-2016-2825 RESERVED + - firefox-esr <not-affected> (Doesn't apply to Firefox ESR) + - firefox <unfixed> CVE-2016-2824 RESERVED + - firefox-esr <not-affected> (Only affects Windows) + - firefox <not-affected> (Only affects Windows) CVE-2016-2823 RESERVED CVE-2016-2822 RESERVED + - firefox-esr <unfixed> + - firefox <unfixed> CVE-2016-2821 RESERVED + - firefox-esr <unfixed> + - firefox <unfixed> CVE-2016-2820 (The Firefox Health Reports (aka FHR or about:healthreport) feature in ...) - iceweasel <not-affected> (Only Firefox 46) - firefox-esr <not-affected> (Only Firefox 46) @@ -7039,8 +7062,12 @@ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-48/ CVE-2016-2819 RESERVED + - firefox-esr <unfixed> + - firefox <unfixed> CVE-2016-2818 RESERVED + - firefox-esr <unfixed> + - firefox <unfixed> CVE-2016-2817 (The WebExtension sandbox feature in ...) - iceweasel <not-affected> (Only Firefox 46) - firefox-esr <not-affected> (Only Firefox 46) @@ -7053,6 +7080,8 @@ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-45/ CVE-2016-2815 RESERVED + - firefox-esr <not-affected> (Doesn't apply to Firefox ESR) + - firefox <unfixed> CVE-2016-2814 (Heap-based buffer overflow in the ...) {DSA-3559-1} - iceweasel <removed> @@ -17933,13 +17962,6 @@ RESERVED CVE-2014-9754 RESERVED -CVE-2015-XXXX [use afer free] - - pycurl <unfixed> - [wheezy] - pycurl <not-affected> (Vulnerable code introduced later) - [squeeze] - pycurl <not-affected> (Vulnerable code introduced later) - NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/11/03/4 - NOTE: Upstream commit: https://github.com/pycurl/pycurl/commit/602f8e364634d386524f0396e962c2c9de0536a9 - NOTE: support for BUFFER and BUFFERPTR form parameters added with https://github.com/clintclayton/pycurl/commit/642f87afc14fc79c202c3b10b95ad35e97aa8615 CVE-2015-8075 REJECTED CVE-2015-8033 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits