iceweasel is removed from sid

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@41232 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Moritz Muehlenhoff <jmm@debian.org> 2016-04-27 11:55:04 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2016-04-27 11:55:04 +0000
commit: c30ed9354d8d14ce2d31ba35d3085c905110e881 (patch)
tree: 2999fea218e0b6966ad74a0bb2e5c381adbed537 /data
parent: 6e17db3e70d071ba445782f2d08c894258c7d338 (diff)
9 files changed, 64 insertions, 64 deletions
diff --git a/data/CVE/2004.list b/data/CVE/2004.list
index 7a48c38c49..f674d4bddf 100644
--- a/data/CVE/2004.list
+++ b/data/CVE/2004.list
@@ -2353,7 +2353,7 @@ CVE-2004-1639 (Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allo
 	NOTE: It's reproducable with 1.0.2, but I doubt it will ever be "fixed", as HTML parsers
 	NOTE: generally try to make sense of anything even remotely resembling HTML.
 	- firefox <removed> (unimportant)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	- mozilla <removed> (unimportant)
 CVE-2004-1638 (Buffer overflow in MailCarrier 2.51 allows remote attackers to execute ...)
 	NOT-FOR-US: mailcarrier
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 19dd9ffea9..772069673f 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -501,7 +501,7 @@ CVE-2005-4686 (PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes ...
 CVE-2005-4685 (Firefox and Mozilla can associate a cookie with multiple domains when ...)
 	NOTE: see CVE-2005-4684
 	- firefox <removed> (unimportant)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	- mozilla <removed> (unimportant)
 	[sarge] - mozilla <no-dsa> (Hardly exploitable)
 	- xulrunner <unfixed> (unimportant)
@@ -5976,7 +5976,7 @@ CVE-2005-2396 (Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and .
 	- mediawiki 1.4.9 (bug #276057)
 CVE-2005-2395 (Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the ...)
 	- firefox <removed> (bug #320539; unimportant)
-	- iceweasel <unfixed> (bug #320539; unimportant)
+	- iceweasel <removed> (bug #320539; unimportant)
 	- mozilla-firefox 1.4.99+1.5rc3.dfsg-2 (bug #320539; unimportant)
 	- mozilla <removed> (bug #320538; unimportant)
 	NOTE: Firefox and Mozilla follow RFC behaviour. This is more a lack of security
diff --git a/data/CVE/2006.list b/data/CVE/2006.list
index a2af56b55c..b1245c9c59 100644
--- a/data/CVE/2006.list
+++ b/data/CVE/2006.list
@@ -678,7 +678,7 @@ CVE-2006-6956 (Microsoft Internet Explorer allows remote attackers to cause a de
 CVE-2006-6955 (Opera allows remote attackers to cause a denial of service ...)
 	NOT-FOR-US: Opera
 CVE-2006-6954 (Flock beta 1 0.7 allows remote attackers to cause a denial of service ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Browser crashes not treated as security problems
 	NOTE: Tested the proof of concept in iceweasel 2.0.0.1 and it crash.
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=239840
@@ -3616,7 +3616,7 @@ CVE-2006-5634 (Multiple PHP remote file inclusion vulnerabilities in phpProfiles
 CVE-2006-5633 (Firefox 1.5.0.7 and 2.0, and Seamonkey 1.1b, allows remote attackers ...)
 	- firefox 45.0-1 (unimportant)
 	- firefox-esr 45.0esr-1 (unimportant)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	- icedove <unfixed> (unimportant)
 	- mozilla <removed> (unimportant)
 	- xulrunner <unfixed> (unimportant)
@@ -10188,7 +10188,7 @@ CVE-2006-2724 (Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows r
 CVE-2006-2723 (Unspecified versions of Mozilla Firefox allow remote attackers to ...)
 	- firefox 45.0-1 (unimportant)
 	- firefox-esr 45.0esr-1 (unimportant)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	- mozilla <removed> (unimportant)
 	- mozilla-firefox <removed> (unimportant)
 	- xulrunner <unfixed> (unimportant)
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 088cb262be..1a92aca241 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -113,7 +113,7 @@ CVE-2007-6716 (fs/direct-io.c in the dio subsystem in the Linux kernel before 2.
 	- linux-2.6.24 <not-affected> (Vulnerable code not present)
 	NOTE: 848c4dd5153c7a0de55470ce99a8e13a63b4703f
 CVE-2007-6715 (Mozilla Firefox allows remote attackers to cause a denial of service ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: browser dos not treated as security issues
 	NOTE: cant reproduce on 2.0.0.12-1 and 2.0.0.14-2, already fixed?
 CVE-2007-6713 (Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown ...)
@@ -2094,7 +2094,7 @@ CVE-2007-5898 (The (1) htmlentities and (2) htmlspecialchars functions in PHP be
 CVE-2007-5897 (Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, ...)
 	NOT-FOR-US: Oracle
 CVE-2007-5896 (Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Browser crashes not treated as security problems
 CVE-2007-5895
 	RESERVED
@@ -3177,7 +3177,7 @@ CVE-2007-5416 (Drupal 5.2 and earlier does not properly unset variables when the
 	NOTE: The underlying PHP issue has been fixed in DSA 1206.
 	NOTE: Plus, register_globals is not supported in Debian
 CVE-2007-5415 (Cross-site scripting (XSS) vulnerability in Mozilla Firefox 2.0, when ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: if you are on a site which allows UTF-7 sure you need to sanitize the
 	NOTE: equivalent strings in UTF-7
 	NOTE: referring to the mozilla security team this is a non-issue and a duplicate of
@@ -5735,7 +5735,7 @@ CVE-2007-4358 (Zoidcom 0.6.7 and earlier allows remote attackers to cause a deni
 CVE-2007-4357 (Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof ...)
 	- mozilla-firefox <removed> (unimportant)
 	- mozilla <removed> (unimportant)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	- iceape <removed> (unimportant)
 CVE-2007-4356 (Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML ...)
 	NOT-FOR-US: Microsoft Internet Explorer
@@ -9734,7 +9734,7 @@ CVE-2007-2673 (SQL injection vulnerability in includes/funcs_vendors.php in Cens
 CVE-2007-2672 (SQL injection vulnerability in index.php in PHP Coupon Script 3.0 ...)
 	NOT-FOR-US: PHP Coupon Script
 CVE-2007-2671 (Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Browser crashes not treated as security problems
 CVE-2007-2670 (PHPChain 1.0 and earlier allows remote attackers to obtain the ...)
 	NOT-FOR-US: PHPChain
@@ -10951,7 +10951,7 @@ CVE-2007-2164 (Konqueror 3.5.5 release 45.4 allows remote attackers to cause a d
 CVE-2007-2163 (Apple Safari allows remote attackers to cause a denial of service ...)
 	NOT-FOR-US: Apple Safari
 CVE-2007-2162 ((1) Mozilla Firefox 2.0.0.3 and (2) GNU IceWeasel 2.0.0.3 allow remote ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Browser crashes are not treated as security problems
 CVE-2007-2161 (Microsoft Internet Explorer 7 allows remote attackers to cause a ...)
 	NOT-FOR-US: Microsoft Internet Explorer
@@ -11381,7 +11381,7 @@ CVE-2007-XXXX [mydms SQL injection]
 CVE-2007-1971 (SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi ...)
 	NOT-FOR-US: fotokategori.asp
 CVE-2007-1970 (Mozilla Firefox does not warn the user about HTTP elements on an HTTPS ...)
-	- iceweasel <unfixed> (unimportant; bug #556267)
+	- iceweasel <removed> (unimportant; bug #556267)
 	[etch] - iceweasel <end-of-life> (Etch Packages no longer covered by security support)
 	[lenny] - iceweasel <no-dsa> (Minor issue)
 CVE-2007-1969 (Cross-site scripting (XSS) vulnerability in admin/modify.php in Sam ...)
@@ -11915,7 +11915,7 @@ CVE-2007-1738 (TrueCrypt 4.3, when installed setuid root, allows local users to
 CVE-2007-1737 (Opera 9.10 does not check URLs embedded in (1) object or (2) iframe ...)
 	NOT-FOR-US: Opera
 CVE-2007-1736 (Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: I don't believe this has relevant security impact, such a black list
 	NOTE: will register URLs found in the wild and the used adresses will be
 	NOTE: volatile anyway
@@ -13095,7 +13095,7 @@ CVE-2007-1258 (Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF
 CVE-2007-1257 (The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, ...)
 	NOT-FOR-US: Cisco
 CVE-2007-1256 (Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Not exploitable
 CVE-2007-1255 (Unrestricted file upload vulnerability in admin.bbcode.php in ...)
 	NOT-FOR-US: Connectix Boards
@@ -13469,7 +13469,7 @@ CVE-2007-1086 (Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1
 CVE-2007-1085 (Cross-site scripting (XSS) vulnerability in Google Desktop allows ...)
 	NOT-FOR-US: Google Desktop
 CVE-2007-1084 (Mozilla Firefox 2.0.0.1 and earlier does not prompt users before ...)
-	- iceweasel <unfixed> (unimportant; bug #556268)
+	- iceweasel <removed> (unimportant; bug #556268)
 	- iceape <removed> (unimportant)
 	- epiphany-browser <unfixed> (unimportant; bug #556272)
 	NOTE: only epiphany-gecko backend affected
diff --git a/data/CVE/2008.list b/data/CVE/2008.list
index e84d114964..ed9b7721bb 100644
--- a/data/CVE/2008.list
+++ b/data/CVE/2008.list
@@ -3438,7 +3438,7 @@ CVE-2008-5716 (xend in Xen 3.3.0 does not properly restrict a guest VM's write a
 	NOTE: this issue was introduced as a fix to CVE-2008-4405, which has not
 	NOTE: yet been fixed in Debian
 CVE-2008-5715 (Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Browser crashes not treated as security issues
 CVE-2008-5714 (Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for ...)
 	{DSA-1907-1 DTSA-203-1}
@@ -6863,7 +6863,7 @@ CVE-2008-4326 (The PMA_escapeJsString function in libraries/js_escape.lib.php in
 CVE-2008-4325 (lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the ...)
 	- viewvc 1.0.9-1 (bug #500779; unimportant)
 CVE-2008-4324 (The user interface event dispatcher in Mozilla Firefox 3.0.3 on ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: reproducible but browser DoS not treated as security issue
 CVE-2008-4323 (Windows Explorer in Microsoft Windows XP SP3 allows user-assisted ...)
 	NOT-FOR-US: Windows Explorer
@@ -9095,7 +9095,7 @@ CVE-2008-3446 (Directory traversal vulnerability in inc/wysiwyg.php in LetterIt
 CVE-2008-3445 (SQL injection vulnerability in index.php in phpMyRealty (PMR) 2.0.0 ...)
 	NOT-FOR-US: phpMyRealty
 CVE-2008-3444 (The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: browser dos not treated as security issues
 CVE-2008-3443 (The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, ...)
 	{DSA-1695-1}
@@ -12423,7 +12423,7 @@ CVE-2008-2016 (PHP remote file inclusion vulnerability in Chilek Content Managem
 CVE-2008-2015 (Multiple absolute path traversal vulnerabilities in certain ActiveX ...)
 	NOT-FOR-US: WatchFire
 CVE-2008-2014 (Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Browser crashes / hangs not treated as security issues
 CVE-2008-2013 (SQL injection vulnerability in index.php in the pnFlashGames 1.5 ...)
 	NOT-FOR-US: pnFlashGames
diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index d13668076b..51787d7f73 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -5567,7 +5567,7 @@ CVE-2009-3015 (QtWeb 3.0 Builds 001 and 003 does not properly block javascript:
 	NOTE: This is a web site issue (open redirector), not a browser problem.
 CVE-2009-3014 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; ...)
 	NOTE: This is a web site issue (open redirector), not a browser problem.
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 CVE-2009-3013 (Opera 9.52 and earlier, and 10.00 Beta 3 Build 1699, does not properly ...)
 	NOT-FOR-US: Opera
 CVE-2009-3012 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre ...)
@@ -5577,7 +5577,7 @@ CVE-2009-3011 (Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and
 	NOTE: This is a web site issue (open redirector), not a browser problem.
 CVE-2009-3010 (Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre; ...)
 	NOTE: This is a web site issue (open redirector), not a browser problem.
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 CVE-2009-3009 (Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before ...)
 	{DSA-1887-1}
 	- rails 2.2.3-1 (low; bug #545063)
@@ -11476,7 +11476,7 @@ CVE-2009-0823
 CVE-2009-0822
 	RESERVED
 CVE-2009-0821 (Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Browser DoS not treated as security issues
 CVE-2009-0820 (Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 ...)
 	NOT-FOR-US: phpScheduleIt
@@ -13447,7 +13447,7 @@ CVE-2009-0073
 CVE-2009-0072 (Microsoft Internet Explorer 6.0 through 8.0 beta2 allows remote ...)
 	NOT-FOR-US: Internet Explorer
 CVE-2009-0071 (Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: Browser crashes not treated as security issues
 CVE-2009-0070 (Integer signedness error in Apple Safari allows remote attackers to ...)
 	NOT-FOR-US: Apple Safari
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 2c8b559c2f..a51bfb2acc 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -1484,7 +1484,7 @@ CVE-2011-4690 (Opera 11.60 and earlier does not prevent capture of data about th
 CVE-2011-4689 (Microsoft Internet Explorer 6 through 9 does not prevent capture of ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2011-4688 (Mozilla Firefox 8.0.1 and earlier does not prevent capture of data ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 CVE-2011-4687 (Opera before 11.60 allows remote attackers to cause a denial of ...)
 	NOT-FOR-US: Opera
 CVE-2011-4686 (Unspecified vulnerability in the Web Workers implementation in Opera ...)
@@ -13916,7 +13916,7 @@ CVE-2011-0083 (Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem
 	NOTE: xulrunner in wheezy is not covered by security support
 CVE-2011-0082 (The X.509 certificate validation functionality in Mozilla Firefox ...)
 	- xulrunner <removed> (unimportant)
-	- iceweasel <unfixed> (unimportant; bug #627552)
+	- iceweasel <removed> (unimportant; bug #627552)
 	NOTE: Negligable impact
 CVE-2011-0081 (Unspecified vulnerability in the browser engine in Mozilla Firefox ...)
 	{DSA-2235-1 DSA-2228-1 DSA-2227-1}
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index af3e7ba8cf..4cc1ab9269 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -3841,7 +3841,7 @@ CVE-2013-6064
 CVE-2013-6243 (SQL injection vulnerability in the Landing Pages plugin 1.2.3, before ...)
 	NOT-FOR-US: WordPress Landing Pages Plugin
 CVE-2013-6167 (Mozilla Firefox through 27 sends HTTP Cookie headers without first ...)
-	- iceweasel <unfixed> (unimportant)
+	- iceweasel <removed> (unimportant)
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=858215
 CVE-2013-6166 (Google Chrome before 29 sends HTTP Cookie headers without first ...)
 	- chromium-browser 31.0.1650.57-1 (low)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index eda46b604d..7a3d76c9e3 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -3220,7 +3220,7 @@ CVE-2016-2806 [Memory safety bugs fixed in Firefox ESR 45.1 and Firefox 46]
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
 CVE-2016-2805 [Memory safety bug fixed in Firefox ESR 38.8]
 	RESERVED
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr <not-affected> (Only affects Firefox ESR 38.x)
 	- firefox <not-affected> (Only affects Firefox ESR 38.x)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
@@ -3234,7 +3234,7 @@ CVE-2016-2803
 	RESERVED
 CVE-2016-2802 (The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3242,7 +3242,7 @@ CVE-2016-2802 (The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in ..
 	- graphite2 1.3.6-1
 CVE-2016-2801 (The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3250,7 +3250,7 @@ CVE-2016-2801 (The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.
 	- graphite2 1.3.6-1
 CVE-2016-2800 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3258,7 +3258,7 @@ CVE-2016-2800 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 b
 	- graphite2 1.3.6-1
 CVE-2016-2799 (Heap-based buffer overflow in the graphite2::Slot::setAttr function in ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3266,7 +3266,7 @@ CVE-2016-2799 (Heap-based buffer overflow in the graphite2::Slot::setAttr functi
 	- graphite2 1.3.6-1
 CVE-2016-2798 (The graphite2::GlyphCache::Loader::Loader function in Graphite 2 ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3274,7 +3274,7 @@ CVE-2016-2798 (The graphite2::GlyphCache::Loader::Loader function in Graphite 2
 	- graphite2 1.3.6-1
 CVE-2016-2797 (The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3282,7 +3282,7 @@ CVE-2016-2797 (The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite
 	- graphite2 1.3.6-1
 CVE-2016-2796 (Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3290,7 +3290,7 @@ CVE-2016-2796 (Heap-based buffer overflow in the graphite2::vm::Machine::Code::C
 	- graphite2 1.3.6-1
 CVE-2016-2795 (The graphite2::FileFace::get_table_fn function in Graphite 2 before ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3298,7 +3298,7 @@ CVE-2016-2795 (The graphite2::FileFace::get_table_fn function in Graphite 2 befo
 	- graphite2 1.3.6-1
 CVE-2016-2794 (The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3306,7 +3306,7 @@ CVE-2016-2794 (The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in .
 	- graphite2 1.3.6-1
 CVE-2016-2793 (CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3314,7 +3314,7 @@ CVE-2016-2793 (CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Fir
 	- graphite2 1.3.6-1
 CVE-2016-2792 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3322,7 +3322,7 @@ CVE-2016-2792 (The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 b
 	- graphite2 1.3.6-1
 CVE-2016-2791 (The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -3330,7 +3330,7 @@ CVE-2016-2791 (The graphite2::GlyphCache::glyph function in Graphite 2 before 1.
 	- graphite2 1.3.6-1
 CVE-2016-2790 (The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -5829,7 +5829,7 @@ CVE-2016-1984 (The setUpSubtleUserAccount function in /bin/bw on Harman AMX devi
 CVE-2016-1980
 	RESERVED
 CVE-2016-1979 (Use-after-free vulnerability in the ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
@@ -5848,7 +5848,7 @@ CVE-2016-1978 (Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExcha
 	- nss 2:3.21-1
 CVE-2016-1977 (The Machine::Code::decoder::analysis::set_ref function in Graphite 2 ...)
 	{DSA-3520-1 DSA-3515-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -5860,13 +5860,13 @@ CVE-2016-1975 (Multiple race conditions in dom/media/systemservices/CamerasChild
 	- iceweasel <not-affected> (Windows-specific)
 CVE-2016-1974 (The nsScannerString::AppendUnicodeTo function in Mozilla Firefox ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
 CVE-2016-1973 (Race condition in the GetStaticInstance function in the WebRTC ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
@@ -5886,7 +5886,7 @@ CVE-2016-1969 (The setAttr function in Graphite 2 before 1.3.6, as used in Mozil
 	- firefox-esr 45.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/
 CVE-2016-1968 (Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
@@ -5895,7 +5895,7 @@ CVE-2016-1968 (Integer underflow in Brotli, as used in Mozilla Firefox before 45
 	- brotli 0.3.0+dfsg-3 (bug #817233)
 	NOTE: https://github.com/google/brotli/commit/37a320dd81db8d546cd24a45b4c61d87b45dcade
 CVE-2016-1967 (Mozilla Firefox before 45.0 does not properly restrict the ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
@@ -5903,26 +5903,26 @@ CVE-2016-1967 (Mozilla Firefox before 45.0 does not properly restrict the ...)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/
 CVE-2016-1966 (The nsNPObjWrapper::GetNewOrUsed function in ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/
 CVE-2016-1965 (Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 mishandle ...)
 	{DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/
 CVE-2016-1964 (Use-after-free vulnerability in the AtomicBaseIncDec function in ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/
 CVE-2016-1963 (The FileReader class in Mozilla Firefox before 45.0 allows local users ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
@@ -5930,21 +5930,21 @@ CVE-2016-1963 (The FileReader class in Mozilla Firefox before 45.0 allows local
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/
 CVE-2016-1962 (Use-after-free vulnerability in the ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/
 CVE-2016-1961 (Use-after-free vulnerability in the nsHTMLDocument::SetBody function ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/
 CVE-2016-1960 (Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -5952,32 +5952,32 @@ CVE-2016-1960 (Integer underflow in the nsHtml5TreeBuilder class in the HTML5 st
 CVE-2016-1959 (The ServiceWorkerManager class in Mozilla Firefox before 45.0 allows ...)
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-22/
 CVE-2016-1958 (browser/base/content/browser.js in Mozilla Firefox before 45.0 and ...)
 	{DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/
 CVE-2016-1957 (Memory leak in libstagefright in Mozilla Firefox before 45.0 and ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/
 CVE-2016-1956 (Mozilla Firefox before 45.0 on Linux, when an Intel video driver is ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
 	[wheezy] - iceweasel <not-affected> (Only affects Firefox 44.x)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/
 CVE-2016-1955 (Mozilla Firefox before 45.0 allows remote attackers to bypass the Same ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
@@ -5985,13 +5985,13 @@ CVE-2016-1955 (Mozilla Firefox before 45.0 allows remote attackers to bypass the
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/
 CVE-2016-1954 (The nsCSPContext::SendReports function in ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/
 CVE-2016-1953 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 44.x)
@@ -5999,7 +5999,7 @@ CVE-2016-1953 (Multiple unspecified vulnerabilities in the browser engine in Moz
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
 CVE-2016-1952 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...)
 	{DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
@@ -6007,7 +6007,7 @@ CVE-2016-1951
 	RESERVED
 CVE-2016-1950 (Heap-based buffer overflow in Mozilla Network Security Services (NSS) ...)
 	{DSA-3520-1 DSA-3510-1}
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	- icedove 38.7.0-1
@@ -6015,7 +6015,7 @@ CVE-2016-1950 (Heap-based buffer overflow in Mozilla Network Security Services (
 	- nss 2:3.23-1
 	NOTE: NSS fixed in 3.21.1
 CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the ...)
-	- iceweasel <unfixed>
+	- iceweasel <removed>
 	- firefox-esr 45.0esr-1
 	- firefox 45.0-1
 	[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
author	Moritz Muehlenhoff <jmm@debian.org>	2016-04-27 11:55:04 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2016-04-27 11:55:04 +0000
commit	c30ed9354d8d14ce2d31ba35d3085c905110e881 (patch)
tree	2999fea218e0b6966ad74a0bb2e5c381adbed537 /data
parent	6e17db3e70d071ba445782f2d08c894258c7d338 (diff)