Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5e07f42e by Salvatore Bonaccorso at 2021-10-06T06:38:55+02:00
Add new firefox-esr issues from mfsa2021-44 and mfsa2021-45
Tried to de-tangle the required tracking. We have a set of CVEs which
will be relevant for firefox-esr in the security supported suites
covered by mfsa2021-44. The CVEs specifically only for the 91.x version
did never hit unstable, so marking those as not-affected.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8100,11 +8100,16 @@ CVE-2021-38502
CVE-2021-38501
RESERVED
- firefox <unfixed>
+ - firefox-esr <not-affected> (Only affect Firefox 91 not in any
supported suite in vulnerable version)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38501
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38501
CVE-2021-38500
RESERVED
- firefox <unfixed>
+ - firefox-esr 91.2.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38500
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/#CVE-2021-38500
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38500
CVE-2021-38499
RESERVED
- firefox <unfixed>
@@ -8112,15 +8117,22 @@ CVE-2021-38499
CVE-2021-38498
RESERVED
- firefox <unfixed>
+ - firefox-esr <not-affected> (Only affect Firefox 91 not in any
supported suite in vulnerable version)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38498
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38498
CVE-2021-38497
RESERVED
- firefox <unfixed>
+ - firefox-esr <not-affected> (Only affect Firefox 91 not in any
supported suite in vulnerable version)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38497
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38497
CVE-2021-38496
RESERVED
- firefox <unfixed>
+ - firefox-esr 91.2.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38496
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/#CVE-2021-38496
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38496
CVE-2021-38495
RESERVED
- thunderbird <not-affected> (Vulnerable code introduced later)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e07f42e301c05c52f219ab42d4a0f858b2e577e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e07f42e301c05c52f219ab42d4a0f858b2e577e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
