Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
66a5956a by Salvatore Bonaccorso at 2024-07-16T21:46:42+02:00
Add thunderbird issues from mfsa2024-31
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2664,32 +2664,42 @@ CVE-2024-6604 (Memory safety bugs present in Firefox
127, Firefox ESR 115.12, an
{DSA-5727-1}
- firefox 128.0-1
- firefox-esr 115.13.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6604
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6604
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6604
CVE-2024-6603 (In an out-of-memory scenario an allocation could fail but free
would h ...)
{DSA-5727-1}
- firefox 128.0-1
- firefox-esr 115.13.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6603
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6603
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6603
CVE-2024-6602 (A mismatch between allocator and deallocator could have lead to
memory ...)
{DSA-5727-1}
- firefox 128.0-1
- firefox-esr 115.13.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6602
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602
TODO: check how its related to src:nss and if src:nss tracking is
necessary
CVE-2024-6601 (A race condition could lead to a cross-origin container
obtaining perm ...)
{DSA-5727-1}
- firefox 128.0-1
- firefox-esr 115.13.0esr-1
+ - thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6601
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6601
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6601
CVE-2024-6600 (Due to large allocation checks in Angle for GLSL shaders being
too len ...)
- firefox <not-affected> (Only affects Firefox on MacOS)
- firefox-esr <not-affected> (Only affects Firefox on MacOS)
+ - thunderbird <not-affected> (Only affects Firefox on MacOS)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6600
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6600
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6600
CVE-2024-39487 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 6.9.9-1
NOTE:
https://git.kernel.org/linus/e271ff53807e8f2c628758290f0e499dbe51cb3d (6.10-rc7)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a5956ac4ccc70fa316f518fe017100feb69023
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a5956ac4ccc70fa316f518fe017100feb69023
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
