Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bcb5eacc by Salvatore Bonaccorso at 2019-05-22T07:31:11Z
Fixes for mfsa2019-14/firefox-esr adressed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1218,7 +1218,7 @@ CVE-2019-11699
CVE-2019-11698
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11698
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11698
CVE-2019-11697
@@ -1242,19 +1242,19 @@ CVE-2019-11694
CVE-2019-11693
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11693
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693
CVE-2019-11692
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11692
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11692
CVE-2019-11691
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11691
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11691
CVE-2019-11690 (gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through
v2019.04 la ...)
@@ -6555,13 +6555,13 @@ CVE-2019-9821
CVE-2019-9820
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9820
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9820
CVE-2019-9819
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9819
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9819
CVE-2019-9818
@@ -6573,13 +6573,13 @@ CVE-2019-9818
CVE-2019-9817
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9817
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9817
CVE-2019-9816
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9816
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9816
CVE-2019-9815
@@ -6642,7 +6642,7 @@ CVE-2019-9801 (Firefox will accept any registered Program
ID as an external prot
CVE-2019-9800
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9800
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9800
CVE-2019-9799 (Insufficient bounds checking of data during inter-process
communicatio ...)
@@ -6653,7 +6653,7 @@ CVE-2019-9798 (On Android systems, Firefox can load a
library from APITRACE_LIB,
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9798
CVE-2019-9797 (Cross-origin images can be read in violation of the same-origin
policy ...)
- firefox 66.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9797
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9797
CVE-2019-9796 (A use-after-free vulnerability can occur when the SMIL
animation contr ...)
@@ -12949,7 +12949,7 @@ CVE-2019-7317 (png_image_free in png.c in libpng 1.6.36
has a use-after-free bec
{DSA-4435-1}
- libpng1.6 1.6.36-4 (bug #921355)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803
NOTE: https://github.com/glennrp/libpng/issues/275
NOTE:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
@@ -16670,7 +16670,7 @@ CVE-2019-5798
RESERVED
{DSA-4421-1}
- chromium 73.0.3683.75-1
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-5798
CVE-2019-5797
RESERVED
@@ -34965,8 +34965,10 @@ CVE-2018-18512 (A use-after-free vulnerability can
occur while playing a sound n
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18512
CVE-2018-18511 (Cross-origin images can be read from a canvas element in
violation of ...)
- firefox 65.0.1-1
+ - firefox-esr 60.7.0esr-1
- skia <itp> (bug #818180)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18511
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2018-18511
CVE-2018-18510 (The about:crashcontent and about:crashparent pages can be
triggered by ...)
- firefox 64.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18510
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bcb5eacc8e793546541a0a161872fe1e5df1248a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bcb5eacc8e793546541a0a161872fe1e5df1248a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
