Author: carnil
Date: 2016-03-17 15:12:09 +0000 (Thu, 17 Mar 2016)
New Revision: 40437
Modified:
data/CVE/list
Log:
Manual cleanups for CVE list
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-17 15:11:59 UTC (rev 40436)
+++ data/CVE/list 2016-03-17 15:12:09 UTC (rev 40437)
@@ -1181,7 +1181,7 @@
NOTE: http://marc.info/?l=netfilter-devel&m=145757134822741&w=2
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/4
NOTE: http://www.openwall.com/lists/oss-security/2016/03/10/7
- NOTE: Non-privileged user namespaces disabled by default, only
vulnerable with sysctl kernel.unprivileged_userns_clone=1
+ NOTE: Non-privileged user namespaces disabled by default, only
vulnerable with sysctl kernel.unprivileged_userns_clone=1
CVE-2016-3135 [unsigned integer overflow on 32bit kernels]
RESERVED
- linux 4.4.6-1
@@ -1406,91 +1406,91 @@
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2801 (The graphite2::TtfUtil::CmapSubtable12Lookup function in
TtfUtil.cpp ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2800 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2
before ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2799 (Heap-based buffer overflow in the graphite2::Slot::setAttr
function in ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2798 (The graphite2::GlyphCache::Loader::Loader function in Graphite
2 ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2797 (The graphite2::TtfUtil::CmapSubtable12Lookup function in
Graphite 2 ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2796 (Heap-based buffer overflow in the
graphite2::vm::Machine::Code::Code ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2795 (The graphite2::FileFace::get_table_fn function in Graphite 2
before ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2794 (The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in
...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2793 (CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla
Firefox ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2792 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2
before ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2791 (The graphite2::GlyphCache::glyph function in Graphite 2 before
1.3.6, ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2790 (The graphite2::TtfUtil::GetTableInfo function in Graphite 2
before ...)
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-2789
@@ -4217,7 +4217,7 @@
CVE-2016-1979 (Use-after-free vulnerability in the ...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/
@@ -4236,7 +4236,7 @@
{DSA-3515-1 DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- graphite2 1.3.6-1
CVE-2016-1976 (Use-after-free vulnerability in the DesktopDisplayDevice class
in the ...)
@@ -4247,12 +4247,12 @@
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
CVE-2016-1973 (Race condition in the GetStaticInstance function in the WebRTC
...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/
@@ -4267,7 +4267,7 @@
CVE-2016-1968 (Integer underflow in Brotli, as used in Mozilla Firefox before
45.0, ...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/
@@ -4276,7 +4276,7 @@
CVE-2016-1967 (Mozilla Firefox before 45.0 does not properly restrict the ...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/
@@ -4284,24 +4284,24 @@
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/
CVE-2016-1965 (Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7
mishandle ...)
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/
CVE-2016-1964 (Use-after-free vulnerability in the AtomicBaseIncDec function
in ...)
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/
CVE-2016-1963 (The FileReader class in Mozilla Firefox before 45.0 allows
local users ...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/
@@ -4309,23 +4309,23 @@
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/
CVE-2016-1961 (Use-after-free vulnerability in the nsHTMLDocument::SetBody
function ...)
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/
CVE-2016-1960 (Integer underflow in the nsHtml5TreeBuilder class in the HTML5
string ...)
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/
CVE-2016-1959 (The ServiceWorkerManager class in Mozilla Firefox before 45.0
allows ...)
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
- iceweasel <unfixed>
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
@@ -4334,25 +4334,25 @@
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/
CVE-2016-1957 (Memory leak in libstagefright in Mozilla Firefox before 45.0
and ...)
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/
CVE-2016-1956 (Mozilla Firefox before 45.0 on Linux, when an Intel video
driver is ...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/
CVE-2016-1955 (Mozilla Firefox before 45.0 allows remote attackers to bypass
the Same ...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/
@@ -4360,12 +4360,12 @@
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/
CVE-2016-1953 (Multiple unspecified vulnerabilities in the browser engine in
Mozilla ...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
@@ -4373,7 +4373,7 @@
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
CVE-2016-1951
RESERVED
@@ -4381,14 +4381,14 @@
{DSA-3510-1}
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
- nss 2:3.23-1
NOTE: NSS fixed in 3.21.1
CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the
...)
- iceweasel <unfixed>
- firefox-esr 45.0esr-1
- - firefox 45.0-1
+ - firefox 45.0-1
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
