[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable (for mfsa2024-20)

Salvatore Bonaccorso (@carnil) Sun, 21 Apr 2024 12:25:20 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
127a4bc4 by Salvatore Bonaccorso at 2024-04-21T21:24:28+02:00
Track fixed version for thunderbird issues via unstable (for mfsa2024-20)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1881,7 +1881,7 @@ CVE-2024-3302 (There was no limit to the number of HTTP/2 
CONTINUATION frames th
        {DSA-5663-1 DLA-3790-1}
        - firefox 125.0.1-1
        - firefox-esr 115.10.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:115.10.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3302
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3302
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3302
@@ -1892,7 +1892,7 @@ CVE-2024-3864 (Memory safety bug present in Firefox 124, 
Firefox ESR 115.9, and
        {DSA-5663-1 DLA-3790-1}
        - firefox 125.0.1-1
        - firefox-esr 115.10.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:115.10.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3864
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3864
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3864
@@ -1910,7 +1910,7 @@ CVE-2024-3861 (If an AlignedBuffer were assigned to 
itself, the subsequent self-
        {DSA-5663-1 DLA-3790-1}
        - firefox 125.0.1-1
        - firefox-esr 115.10.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:115.10.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3861
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3861
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3861
@@ -1921,7 +1921,7 @@ CVE-2024-3859 (On 32-bit versions there were 
integer-overflows that led to an ou
        {DSA-5663-1 DLA-3790-1}
        - firefox 125.0.1-1
        - firefox-esr 115.10.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:115.10.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3859
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3859
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3859
@@ -1932,7 +1932,7 @@ CVE-2024-3857 (The JIT created incorrect code for 
arguments in certain cases. Th
        {DSA-5663-1 DLA-3790-1}
        - firefox 125.0.1-1
        - firefox-esr 115.10.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:115.10.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3857
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3857
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3857
@@ -1946,7 +1946,7 @@ CVE-2024-3854 (In some code patterns the JIT incorrectly 
optimized switch statem
        {DSA-5663-1 DLA-3790-1}
        - firefox 125.0.1-1
        - firefox-esr 115.10.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:115.10.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3854
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3854
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3854
@@ -1957,7 +1957,7 @@ CVE-2024-3852 (GetBoundName could return the wrong 
version of an object when JIT
        {DSA-5663-1 DLA-3790-1}
        - firefox 125.0.1-1
        - firefox-esr 115.10.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:115.10.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3852
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3852
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3852
@@ -10683,7 +10683,7 @@ CVE-2024-2609 (The permission prompt input delay could 
expire while the window i
        {DSA-5663-1 DLA-3790-1}
        - firefox 124.0-1
        - firefox-esr 115.10.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:115.10.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2609
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-2609
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-2609



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/127a4bc4c433183d0fb25a4248dc89aac7379f53

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/127a4bc4c433183d0fb25a4248dc89aac7379f53
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable (for mfsa2024-20)

Reply via email to