Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4138a30e by Salvatore Bonaccorso at 2024-08-07T07:12:57+02:00
Track fixed version for firefox-esr for mfsa2024-34 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -196,7 +196,7 @@ CVE-2024-7532
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2024-7531 (Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same
buffer ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7531
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7531
CVE-2024-7530 (Incorrect garbage collection interaction could have led to a
use-after ...)
@@ -204,7 +204,7 @@ CVE-2024-7530 (Incorrect garbage collection interaction
could have led to a use-
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7530
CVE-2024-7529 (The date picker could partially obscure security prompts. This
could b ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7529
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7529
CVE-2024-7528 (Incorrect garbage collection interaction in IndexedDB could
have led t ...)
@@ -212,22 +212,22 @@ CVE-2024-7528 (Incorrect garbage collection interaction
in IndexedDB could have
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7528
CVE-2024-7527 (Unexpected marking work at the start of sweeping could have led
to a u ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7527
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7527
CVE-2024-7526 (ANGLE failed to initialize parameters which lead to reading
from unini ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7526
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7526
CVE-2024-7525 (It was possible for a web extension with minimal permissions to
create ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7525
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7525
CVE-2024-7524 (Firefox adds web-compatibility shims in place of some tracking
scripts ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7524
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7524
CVE-2024-7523 (A select option could partially obscure security prompts. This
could b ...)
@@ -235,12 +235,12 @@ CVE-2024-7523 (A select option could partially obscure
security prompts. This co
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7523
CVE-2024-7522 (Editor code failed to check an attribute value. This could have
led to ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7522
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7522
CVE-2024-7521 (Incomplete WebAssembly exception handing could have led to a
use-after ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7521
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7521
CVE-2024-7520 (A type confusion bug in WebAssembly could be leveraged by an
attacker ...)
@@ -248,7 +248,7 @@ CVE-2024-7520 (A type confusion bug in WebAssembly could be
leveraged by an atta
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7520
CVE-2024-7519 (Insufficient checks when processing graphics shared memory
could have ...)
- firefox 129.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 115.14.0esr-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7519
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7519
CVE-2024-7518 (Select options could obscure the fullscreen notification
dialog. This ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4138a30e31e68aabfe69c7ed11b0c3f8309b340a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4138a30e31e68aabfe69c7ed11b0c3f8309b340a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
