Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c687b49f by Salvatore Bonaccorso at 2022-12-22T21:34:07+01:00
Add information for CVE-2022-3266 covering firefox and firefox-esr
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22460,7 +22460,11 @@ CVE-2022-3268 (Weak Password Requirements in GitHub
repository ikus060/minarca p
CVE-2022-3267 (Cross-Site Request Forgery (CSRF) in GitHub repository
ikus060/rdiffwe ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3266 (An out-of-bounds read can occur when decoding H264 video. This
results ...)
+ - firefox 105.0-1
+ - firefox-esr 102.3.0esr-1
- thunderbird 1:102.3.0-1
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-40/#CVE-2022-3266
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-41/#CVE-2022-3266
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/#CVE-2022-3266
CVE-2022-41322 (In Kitty before 0.26.2, insufficient validation in the desktop
notific ...)
- kitty 0.21.2-2 (bug #1020582)
=====================================
data/DLA/list
=====================================
@@ -367,7 +367,7 @@
{CVE-2021-33515 CVE-2022-30550}
[buster] - dovecot 1:2.3.4.1-5+deb10u7
[26 Sep 2022] DLA-3121-1 firefox-esr - security update
- {CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959
CVE-2022-40960 CVE-2022-40962}
+ {CVE-2022-3266 CVE-2022-40956 CVE-2022-40957 CVE-2022-40958
CVE-2022-40959 CVE-2022-40960 CVE-2022-40962}
[buster] - firefox-esr 102.3.0esr-1~deb10u2
[26 Sep 2022] DLA-3120-1 poppler - security update
{CVE-2018-18897 CVE-2018-19058 CVE-2018-20650 CVE-2019-9903
CVE-2019-9959 CVE-2019-14494 CVE-2020-27778 CVE-2022-27337 CVE-2022-38784}
=====================================
data/DSA/list
=====================================
@@ -205,7 +205,7 @@
{CVE-2022-3266 CVE-2022-40956 CVE-2022-40957 CVE-2022-40958
CVE-2022-40959 CVE-2022-40960 CVE-2022-40962}
[bullseye] - thunderbird 1:102.3.0-1~deb11u1
[23 Sep 2022] DSA-5237-1 firefox-esr - security update
- {CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959
CVE-2022-40960 CVE-2022-40962}
+ {CVE-2022-3266 CVE-2022-40956 CVE-2022-40957 CVE-2022-40958
CVE-2022-40959 CVE-2022-40960 CVE-2022-40962}
[bullseye] - firefox-esr 102.3.0esr-1~deb11u1
[22 Sep 2022] DSA-5236-1 expat - security update
{CVE-2022-40674}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c687b49f9da33217b11351439331bf24a47db9ad
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c687b49f9da33217b11351439331bf24a47db9ad
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
