Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b4ba019e by Moritz Mühlenhoff at 2023-08-02T14:01:59+02:00
firefox fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -117,10 +117,10 @@ CVE-2023-32302 (Silverstripe Framework is the MVC
framework that powers Silverst
CVE-2023-31710 (TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and
AX21(US)_V3.6_1.1. ...)
NOT-FOR-US: TP-Link
CVE-2023-4058 (Memory safety bugs present in Firefox 115. Some of these bugs
showed e ...)
- - firefox <unfixed>
+ - firefox 116.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4058
CVE-2023-4057 (Memory safety bugs present in Firefox 115, Firefox ESR 115.0,
and Thun ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
[bookworm] - firefox-esr <not-affected> (Only affects Firefox ESR 115.1)
[bullseye] - firefox-esr <not-affected> (Only affects Firefox ESR 115.1)
@@ -128,13 +128,13 @@ CVE-2023-4057 (Memory safety bugs present in Firefox 115,
Firefox ESR 115.0, and
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4057
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4057
CVE-2023-4056 (Memory safety bugs present in Firefox 115, Firefox ESR 115.0,
Firefox ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4056
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4056
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4056
CVE-2023-4055 (When the number of cookies per domain was exceeded in
`document.cookie ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4055
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4055
@@ -146,7 +146,7 @@ CVE-2023-4054 (When opening appref-ms files, Firefox did
not warn the user that
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4054
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4054
CVE-2023-4053 (A website could have obscured the full screen notification by
using a ...)
- - firefox <unfixed>
+ - firefox 116.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4053
CVE-2023-4052 (The Firefox updater created a directory writable by
non-privileged use ...)
- firefox <not-affected> (Affects only Firefox on Windows)
@@ -154,40 +154,40 @@ CVE-2023-4052 (The Firefox updater created a directory
writable by non-privilege
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4052
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4052
CVE-2023-4051 (A website could have obscured the full screen notification by
using th ...)
- - firefox <unfixed>
+ - firefox 116.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4051
CVE-2023-4050 (In some cases, an untrusted input stream was copied to a stack
buffer ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4050
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4050
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4050
CVE-2023-4049 (Race conditions in reference counting code were found through
code ins ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4049
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4049
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4049
CVE-2023-4048 (An out-of-bounds read could have led to an exploitable crash
when pars ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4048
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4048
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4048
CVE-2023-4047 (A bug in popup notifications delay calculation could have made
it poss ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4047
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4047
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4047
CVE-2023-4046 (In some circumstances, a stale value could have been used for a
global ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4046
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4046
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-31/#CVE-2023-4046
CVE-2023-4045 (Offscreen Canvas did not properly track cross-origin tainting,
which c ...)
- - firefox <unfixed>
+ - firefox 116.0-1
- firefox-esr 115.1.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4045
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-30/#CVE-2023-4045
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4ba019e7d2154cc09094eb8951e7fd24888dfcb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4ba019e7d2154cc09094eb8951e7fd24888dfcb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
