From b3cecbb890c4c60320ed32b0ac60786d4929effb Mon Sep 17 00:00:00 2001 From: Emilio Pozuelo Monfort Date: Thu, 5 Nov 2020 13:38:43 +0100 Subject: CVE/list: sort release entries after their package entry --- data/CVE/2016.list | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'data/CVE/2016.list') diff --git a/data/CVE/2016.list b/data/CVE/2016.list index f3777a253f..5c2bf36bc3 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -8320,8 +8320,8 @@ CVE-2016-8332 (A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code executi CVE-2016-8331 (An exploitable remote code execution vulnerability exists in the handl ...) {DLA-693-1} - tiff 4.0.6-3 - - tiff3 [jessie] - tiff 4.0.3-12.3+deb8u2 + - tiff3 [wheezy] - tiff3 (Does not ship libtiff tools) NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0190/ NOTE: thumbnail(1) was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package @@ -26047,9 +26047,9 @@ CVE-2016-XXXX [exec functions ignore length but look for NULL termination] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 [wheezy] - php5 5.4.45-0+deb7u7 + [squeeze] - php5 5.3.3.1-7+squeeze29 - php5.6 5.6.18+dfsg-1 - php7.0 7.0.3-1 - [squeeze] - php5 5.3.3.1-7+squeeze29 NOTE: temporary workaround until CVE assigned to explitly tag for squeeze NOTE: https://bugs.php.net/bug.php?id=71039 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305494 @@ -26069,9 +26069,9 @@ CVE-2016-XXXX [Integer overflow in iptcembed()] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 [wheezy] - php5 5.4.45-0+deb7u7 + [squeeze] - php5 5.3.3.1-7+squeeze29 - php5.6 5.6.18+dfsg-1 - php7.0 7.0.3-1 - [squeeze] - php5 5.3.3.1-7+squeeze29 NOTE: temporary workaround until CVE assigned to explitly tag for squeeze NOTE: https://bugs.php.net/bug.php?id=71459 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305518 @@ -26124,9 +26124,9 @@ CVE-2016-XXXX [NULL Pointer Dereference in phar_tar_setupmetadata()] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 [wheezy] - php5 5.4.45-0+deb7u7 + [squeeze] - php5 5.3.3.1-7+squeeze29 - php5.6 5.6.18+dfsg-1 - php7.0 7.0.3-1 - [squeeze] - php5 5.3.3.1-7+squeeze29 NOTE: temporary workaround until CVE assigned to explitly tag for squeeze NOTE: https://bugs.php.net/bug.php?id=71391 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305540 @@ -26158,9 +26158,9 @@ CVE-2016-XXXX [Crash on bad SOAP request] - php5 5.6.18+dfsg-1 [jessie] - php5 5.6.19+dfsg-0+deb8u1 [wheezy] - php5 5.4.45-0+deb7u7 + [squeeze] - php5 5.3.3.1-7+squeeze29 - php5.6 5.6.18+dfsg-1 - php7.0 7.0.3-1 - [squeeze] - php5 5.3.3.1-7+squeeze29 NOTE: temporary workaround until CVE assigned to explitly tag for squeeze NOTE: https://bugs.php.net/bug.php?id=70979 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1305551 @@ -27344,10 +27344,10 @@ CVE-2016-1980 CVE-2016-1979 (Use-after-free vulnerability in the PK11_ImportDERPrivateKeyInfoAndRet ...) {DSA-3688-1 DSA-3576-1 DLA-480-1 DLA-472-1} - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 44.x) [wheezy] - iceweasel (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 - icedove 38.8.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/ - nss 2:3.21-1 @@ -27382,10 +27382,10 @@ CVE-2016-1974 (The nsScannerString::AppendUnicodeTo function in Mozilla Firefox NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/ CVE-2016-1973 (Race condition in the GetStaticInstance function in the WebRTC impleme ...) - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 44.x) [wheezy] - iceweasel (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-33/ CVE-2016-1972 (Race condition in libvpx in Mozilla Firefox before 45.0 on Windows mig ...) - iceweasel (Windows-specific) @@ -27403,19 +27403,19 @@ CVE-2016-1969 (The setAttr function in Graphite 2 before 1.3.6, as used in Mozil NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-38/ CVE-2016-1968 (Integer underflow in Brotli, as used in Mozilla Firefox before 45.0, a ...) - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 44.x) [wheezy] - iceweasel (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-30/ - brotli 0.3.0+dfsg-3 (bug #817233) NOTE: https://github.com/google/brotli/commit/37a320dd81db8d546cd24a45b4c61d87b45dcade CVE-2016-1967 (Mozilla Firefox before 45.0 does not properly restrict the availabilit ...) - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 44.x) [wheezy] - iceweasel (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-29/ CVE-2016-1966 (The nsNPObjWrapper::GetNewOrUsed function in dom/plugins/base/nsJSNPRu ...) {DSA-3520-1 DSA-3510-1} @@ -27439,10 +27439,10 @@ CVE-2016-1964 (Use-after-free vulnerability in the AtomicBaseIncDec function in NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/ CVE-2016-1963 (The FileReader class in Mozilla Firefox before 45.0 allows local users ...) - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 44.x) [wheezy] - iceweasel (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-26/ CVE-2016-1962 (Use-after-free vulnerability in the mozilla::DataChannelConnection::Cl ...) {DSA-3520-1 DSA-3510-1} @@ -27487,17 +27487,17 @@ CVE-2016-1957 (Memory leak in libstagefright in Mozilla Firefox before 45.0 and NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/ CVE-2016-1956 (Mozilla Firefox before 45.0 on Linux, when an Intel video driver is us ...) - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 44.x) [wheezy] - iceweasel (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/ CVE-2016-1955 (Mozilla Firefox before 45.0 allows remote attackers to bypass the Same ...) - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 44.x) [wheezy] - iceweasel (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/ CVE-2016-1954 (The nsCSPContext::SendReports function in dom/security/nsCSPContext.cp ...) {DSA-3520-1 DSA-3510-1} @@ -27508,10 +27508,10 @@ CVE-2016-1954 (The nsCSPContext::SendReports function in dom/security/nsCSPConte NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/ CVE-2016-1953 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 44.x) [wheezy] - iceweasel (Only affects Firefox 44.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/ CVE-2016-1952 (Multiple unspecified vulnerabilities in the browser engine in Mozilla ...) {DSA-3510-1} @@ -27539,11 +27539,11 @@ CVE-2016-1950 (Heap-based buffer overflow in Mozilla Network Security Services ( NOTE: NSS fixed in 3.21.1 CVE-2016-1949 (Mozilla Firefox before 44.0.2 does not properly restrict the interacti ...) - iceweasel - - firefox-esr 45.0esr-1 - - firefox 45.0-1 [jessie] - iceweasel (Only affects Firefox 43.x) [wheezy] - iceweasel (Only affects Firefox 43.x) [squeeze] - iceweasel (Only affects Firefox 43.x) + - firefox-esr 45.0esr-1 + - firefox 45.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/ CVE-2016-1948 (Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is u ...) - iceweasel (Only affects Firefox for Android) -- cgit v1.2.3