Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e9f5c5cb by Moritz Muehlenhoff at 2022-07-29T19:58:00+02:00
new thunderbird issues (fixed in sid)
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1515,7 +1515,9 @@ CVE-2022-35239
CVE-2022-2505
RESERVED
- firefox 103.0-1
+ - thunderbird 1:102.1.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-30/#CVE-2022-2505
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-32/#CVE-2022-2505
CVE-2022-2504
RESERVED
CVE-2022-2503
@@ -1612,15 +1614,19 @@ CVE-2022-36319
{DSA-5193-1}
- firefox 103.0-1
- firefox-esr 91.12.0esr-1
+ - thunderbird 1:102.1.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-30/#CVE-2022-36319
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-29/#CVE-2022-36319
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-32/#CVE-2022-36319
CVE-2022-36318
RESERVED
{DSA-5193-1}
- firefox 103.0-1
- firefox-esr 91.12.0esr-1
- NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-30/#CVE-2022-36320
+ - thunderbird 1:102.1.0-1
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-30/#CVE-2022-36318
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-29/#CVE-2022-36318
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-32/#CVE-2022-36318
CVE-2022-36317
RESERVED
- firefox <not-affected> (Android-specific)
@@ -1636,7 +1642,9 @@ CVE-2022-36315
CVE-2022-36314
RESERVED
- firefox <not-affected> (Windows-specific)
+ - thunderbird <not-affected> (Windows-specific)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-30/#CVE-2022-36314
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-32/#CVE-2022-36314
CVE-2022-36313 (An issue was discovered in the file-type package before 16.5.4
and 17. ...)
NOT-FOR-US: Node file-type
CVE-2022-2495 (Cross-site Scripting (XSS) - Stored in GitHub repository
microweber/mi ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -74,6 +74,8 @@ slurm-llnl/oldstable
sox
patch needed for CVE-2021-40426, check with upstream
--
+thunderbird
+--
unzip
unclear information, initial report indicates writable memory corruption, but
some identified patch is just for a NULL deref, needs more clarification
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9f5c5cb278f82938b2115d15b98e0f673de7fb2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9f5c5cb278f82938b2115d15b98e0f673de7fb2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
