Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
acfde242 by Salvatore Bonaccorso at 2023-10-25T11:19:20+02:00
Track CVE for thunderbird from mfsa2023-47
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -245,43 +245,57 @@ CVE-2023-39231 (PingFederate using the PingOne MFA
adapter allows a new MFA devi
NOT-FOR-US: PingFederate
CVE-2023-5732 (An attacker could have created a malicious link using
bidirectional ch ...)
- firefox-esr 115.4.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5732
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5732
CVE-2023-5731 (Memory safety bugs present in Firefox 118. Some of these bugs
showed e ...)
- firefox <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5731
CVE-2023-5730 (Memory safety bugs present in Firefox 118, Firefox ESR 115.3,
and Thun ...)
- firefox <unfixed>
- firefox-esr 115.4.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5730
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5730
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5730
CVE-2023-5729 (A malicious web site can enter fullscreen mode while
simultaneously tr ...)
- firefox <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5729
CVE-2023-5728 (During garbage collection extra operations were performed on a
object ...)
- firefox <unfixed>
- firefox-esr 115.4.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5728
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5728
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5728
CVE-2023-5727 (The executable file warning was not presented when downloading
.msix, ...)
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox ESR on Windows)
+ - thunderbird <not-affected> (Only affects Thunderbird on Windows)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5727
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5727
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5727
CVE-2023-5726 (A website could have obscured the full screen notification by
using th ...)
- firefox <not-affected> (Only affects Firefox on MacOS)
- firefox-esr <not-affected> (Only affects Firefox ESR on MacOS)
+ - thunderbird <not-affected> (Only affects Thunderbird on MacOS)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5726
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5726
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5726
CVE-2023-5725 (A malicious installed WebExtension could open arbitrary URLs,
which un ...)
- firefox <unfixed>
- firefox-esr 115.4.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5725
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5725
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5725
CVE-2023-5724 (Drivers are not always robust to extremely large draw calls and
in som ...)
- firefox <unfixed>
- firefox-esr 115.4.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5724
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5724
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5724
CVE-2023-5723 (An attacker with temporary script access to a site could have
set a co ...)
- firefox <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5723
@@ -291,8 +305,10 @@ CVE-2023-5722 (Using iterative requests an attacker was
able to learn the size o
CVE-2023-5721 (It was possible for certain browser prompts and dialogs to be
activate ...)
- firefox <unfixed>
- firefox-esr 115.4.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-45/#CVE-2023-5721
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5721
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5721
CVE-2023-5746 (A vulnerability regarding use of externally-controlled format
string i ...)
NOT-FOR-US: Synology
CVE-2023-5363 (Issue summary: A bug has been identified in the processing of
key and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acfde2420eadf1a4bacc777f2b36cd34b7e346b3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acfde2420eadf1a4bacc777f2b36cd34b7e346b3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
