[Secure-testing-commits] r54444 - data/CVE

Tue, 08 Aug 2017 12:52:22 -0700 

Author: jmm
Date: 2017-08-08 19:51:38 +0000 (Tue, 08 Aug 2017)
New Revision: 54444

Modified:
   data/CVE/list
Log:
new firefox issues
jasper no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-08 18:33:28 UTC (rev 54443)
+++ data/CVE/list       2017-08-08 19:51:38 UTC (rev 54444)
@@ -7311,6 +7311,7 @@
        RESERVED
 CVE-2017-9782 (JasPer 2.0.12 allows remote attackers to cause a denial of 
service ...)
        - jasper <removed>
+       [jessie] - jasper <no-dsa> (Minor issue)
        NOTE: https://github.com/mdadams/jasper/issues/140
 CVE-2017-9781 (A cross site scripting (XSS) vulnerability exists in Check_MK 
versions ...)
        - check-mk <unfixed> (bug #865497)
@@ -13212,70 +13213,109 @@
        RESERVED
 CVE-2017-7808
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7807
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7806
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7805
        RESERVED
 CVE-2017-7804
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
+       NOTE: Might be Windows-specific
 CVE-2017-7803
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7802
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7801
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7800
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7799
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7798
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7797
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7796
        RESERVED
+       - firefox <not-affected> (Windows-specific)
 CVE-2017-7795
        RESERVED
 CVE-2017-7794
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7793
        RESERVED
 CVE-2017-7792
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7791
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7790
        RESERVED
+       - firefox <not-affected> (Windows-specific)
 CVE-2017-7789 [Firefox ignores Strict-Transport-Security when two more STS 
headers are sent from server]
        RESERVED
        - firefox <unfixed> (low)
-       - firefox-esr <unfixed> (low)
-       [stretch] - firefox-esr <no-dsa> (Wait for next ESR release, if it 
doesn't get merged into ESR ignore)
-       [jessie] - firefox-esr <no-dsa> (Wait for next ESR release, if it 
doesn't get merged into ESR ignore)
-       [wheezy] - firefox-esr <no-dsa> (Wait for next ESR release, if it 
doesn't get merged into ESR ignore)
        NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1074642
 CVE-2017-7788
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7787
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7786
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7785
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7784
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7783
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7782
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
+       NOTE: Might be Windows-specific
 CVE-2017-7781
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7780
        RESERVED
+       - firefox <unfixed>
 CVE-2017-7779
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7778
        RESERVED
        {DSA-3918-1 DSA-3894-1 DSA-3881-1 DLA-1013-1 DLA-1007-1 DLA-991-1}
@@ -13457,6 +13497,8 @@
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2017-17/#CVE-2017-7754
 CVE-2017-7753
        RESERVED
+       - firefox <unfixed>
+       - firefox-esr <unfixed> 
 CVE-2017-7752
        RESERVED
        {DSA-3918-1 DSA-3881-1 DLA-1007-1 DLA-991-1}
@@ -20379,16 +20421,17 @@
 CVE-2017-5582
        RESERVED
 CVE-2017-6852 (Heap-based buffer overflow in the jpc_dec_decodepkt function in 
...)
-       - jasper <unfixed>
+       - jasper <removed>
+       [jessie] - jasper <no-dsa> (Minor issue)
        NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/114
        NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/10
 CVE-2017-6850 (The jp2_cdef_destroy function in jp2_cod.c in JasPer before 
2.0.13 ...)
-       - jasper <unfixed> (unimportant)
+       - jasper <removed> (unimportant)
        NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/112
        NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/8
        NOTE: Not suitable for code injection, hardly denial of service
 CVE-2017-6851 (The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 
allows ...)
-       - jasper <unfixed> (unimportant)
+       - jasper <removed> (unimportant)
        NOTE: Upstream bug: https://github.com/mdadams/jasper/issues/113
        NOTE: http://www.openwall.com/lists/oss-security/2017/01/25/9
        NOTE: Not suitable for code injection, hardly denial of service


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to