Author: jmm
Date: 2016-06-08 06:10:25 +0000 (Wed, 08 Jun 2016)
New Revision: 42391
Modified:
data/CVE/list
Log:
new firefox issues
drop pycurl entry, no evidence of being exploitable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-08 06:04:14 UTC (rev 42390)
+++ data/CVE/list 2016-06-08 06:10:25 UTC (rev 42391)
@@ -7006,32 +7006,55 @@
RESERVED
CVE-2016-2834
RESERVED
+ - nss <unfixed>
+ - firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
+ - firefox <unfixed>
CVE-2016-2833
RESERVED
+ - firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
+ - firefox <unfixed>
CVE-2016-2832
RESERVED
+ - firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
+ - firefox <unfixed>
CVE-2016-2831
RESERVED
+ - firefox-esr <unfixed>
+ - firefox <unfixed>
CVE-2016-2830
RESERVED
CVE-2016-2829
RESERVED
+ - firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
+ - firefox <unfixed>
CVE-2016-2828
RESERVED
+ - firefox-esr <unfixed>
+ - firefox <unfixed>
CVE-2016-2827
RESERVED
CVE-2016-2826
RESERVED
+ - firefox-esr <not-affected> (Only affects Windows)
+ - firefox <not-affected> (Only affects Windows)
CVE-2016-2825
RESERVED
+ - firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
+ - firefox <unfixed>
CVE-2016-2824
RESERVED
+ - firefox-esr <not-affected> (Only affects Windows)
+ - firefox <not-affected> (Only affects Windows)
CVE-2016-2823
RESERVED
CVE-2016-2822
RESERVED
+ - firefox-esr <unfixed>
+ - firefox <unfixed>
CVE-2016-2821
RESERVED
+ - firefox-esr <unfixed>
+ - firefox <unfixed>
CVE-2016-2820 (The Firefox Health Reports (aka FHR or about:healthreport)
feature in ...)
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
@@ -7039,8 +7062,12 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-48/
CVE-2016-2819
RESERVED
+ - firefox-esr <unfixed>
+ - firefox <unfixed>
CVE-2016-2818
RESERVED
+ - firefox-esr <unfixed>
+ - firefox <unfixed>
CVE-2016-2817 (The WebExtension sandbox feature in ...)
- iceweasel <not-affected> (Only Firefox 46)
- firefox-esr <not-affected> (Only Firefox 46)
@@ -7053,6 +7080,8 @@
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-45/
CVE-2016-2815
RESERVED
+ - firefox-esr <not-affected> (Doesn't apply to Firefox ESR)
+ - firefox <unfixed>
CVE-2016-2814 (Heap-based buffer overflow in the ...)
{DSA-3559-1}
- iceweasel <removed>
@@ -17933,13 +17962,6 @@
RESERVED
CVE-2014-9754
RESERVED
-CVE-2015-XXXX [use afer free]
- - pycurl <unfixed>
- [wheezy] - pycurl <not-affected> (Vulnerable code introduced later)
- [squeeze] - pycurl <not-affected> (Vulnerable code introduced later)
- NOTE: CVE Request:
http://www.openwall.com/lists/oss-security/2015/11/03/4
- NOTE: Upstream commit:
https://github.com/pycurl/pycurl/commit/602f8e364634d386524f0396e962c2c9de0536a9
- NOTE: support for BUFFER and BUFFERPTR form parameters added with
https://github.com/clintclayton/pycurl/commit/642f87afc14fc79c202c3b10b95ad35e97aa8615
CVE-2015-8075
REJECTED
CVE-2015-8033
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
