[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for firefox-esr issues

Salvatore Bonaccorso (@carnil) Tue, 01 Aug 2023 22:28:17 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8b464342 by Salvatore Bonaccorso at 2023-08-02T07:27:32+02:00
Track fixed version via unstable for firefox-esr issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,7 +37,7 @@ CVE-2023-4058 (Memory safety bugs present in Firefox 115. 
Some of these bugs sho
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4058
 CVE-2023-4057 (Memory safety bugs present in Firefox 115, Firefox ESR 115.0, 
and Thun ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        [bookworm] - firefox-esr <not-affected> (Only affects Firefox ESR 115.1)
        [bullseye] - firefox-esr <not-affected> (Only affects Firefox ESR 115.1)
        [buster] - firefox-esr <not-affected> (Only affects Firefox ESR 115.1)
@@ -45,13 +45,13 @@ CVE-2023-4057 (Memory safety bugs present in Firefox 115, 
Firefox ESR 115.0, and
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4057
 CVE-2023-4056 (Memory safety bugs present in Firefox 115, Firefox ESR 115.0, 
Firefox  ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4056
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4056
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4056
 CVE-2023-4055 (When the number of cookies per domain was exceeded in 
`document.cookie ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4055
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4055
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4055
@@ -74,37 +74,37 @@ CVE-2023-4051 (A website could have obscured the full 
screen notification by usi
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4051
 CVE-2023-4050 (In some cases, an untrusted input stream was copied to a stack 
buffer  ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4050
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4050
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4050
 CVE-2023-4049 (Race conditions in reference counting code were found through 
code ins ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4049
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4049
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4049
 CVE-2023-4048 (An out-of-bounds read could have led to an exploitable crash 
when pars ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4048
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4048
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4048
 CVE-2023-4047 (A bug in popup notifications delay calculation could have made 
it poss ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4047
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4047
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4047
 CVE-2023-4046 (In some circumstances, a stale value could have been used for a 
global ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4046
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4046
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4046
 CVE-2023-4045 (Offscreen Canvas did not properly track cross-origin tainting, 
which c ...)
        - firefox <unfixed>
-       - firefox-esr <unfixed>
+       - firefox-esr 115.1.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4045
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4045
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4045



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b4643426bfd52f33517d09779a96dc8e3562945

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b4643426bfd52f33517d09779a96dc8e3562945
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for firefox-esr issues

Reply via email to