[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox via unstable

Salvatore Bonaccorso (@carnil) Tue, 19 Dec 2023 21:42:50 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fc90a8f8 by Salvatore Bonaccorso at 2023-12-20T06:41:53+01:00
Track fixed version for firefox via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -108,87 +108,87 @@ CVE-2023-6862 (A use-after-free was identified in the 
`nsDNSService::Init`.  Thi
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6862
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6862
 CVE-2023-6873 (Memory safety bugs present in Firefox 120. Some of these bugs 
showed e ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6873
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6873
 CVE-2023-6864 (Memory safety bugs present in Firefox 120, Firefox ESR 115.5, 
and Thun ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6864
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6864
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6864
 CVE-2023-6863 (The `ShutdownObserver()` was susceptible to potentially 
undefined beha ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6863
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6863
 CVE-2023-6872 (Browser tab titles were being leaked by GNOME to system logs. 
This cou ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6872
 CVE-2023-6871 (Under certain conditions, Firefox did not display a warning 
when a use ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6871
 CVE-2023-6870 (Applications which spawn a Toast notification in a background 
thread m ...)
        - firefox <not-affected> (Android-specific)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6870
 CVE-2023-6869 (A `&lt;dialog>` element could have been manipulated to paint 
content o ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6869
 CVE-2023-6868 (In some instances, the user-agent would allow push requests 
which lack ...)
        - firefox <not-affected> (Android-specific)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6868
 CVE-2023-6861 (The `nsWindow::PickerOpen(void)` method was susceptible to a 
heap buff ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6861
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6861
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6861
 CVE-2023-6867 (The timing of a button click causing a popup to disappear was 
approxim ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6867
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6867
 CVE-2023-6860 (The `VideoBridge` allowed any content process to use textures 
produced ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6860
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6860
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6860
 CVE-2023-6866 (TypedArrays can be fallible and lacked proper exception 
handling. This ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6866
 CVE-2023-6859 (A use-after-free condition affected TLS socket creation when 
under mem ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6859
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6859
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6859
 CVE-2023-6858 (Firefox was susceptible to a heap buffer overflow in 
`nsTextFragment`  ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6858
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6858
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6858
 CVE-2023-6857 (When resolving a symlink, a race may occur where the buffer 
passed to  ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6857
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-55/#CVE-2023-6857
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6857
 CVE-2023-6865 (`EncryptingOutputStream` was susceptible to exposing 
uninitialized dat ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6865
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-54/#CVE-2023-6865
 CVE-2023-6856 (The WebGL `DrawElementsInstanced` method was susceptible to a 
heap buf ...)
-       - firefox <unfixed>
+       - firefox 121.0-1
        - firefox-esr 115.6.0esr-1
        - thunderbird 1:115.6.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-56/#CVE-2023-6856



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc90a8f865419da13ce548bc63baddc54575d1a5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc90a8f865419da13ce548bc63baddc54575d1a5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox via unstable

Reply via email to