Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2a5afc8 by Salvatore Bonaccorso at 2024-10-30T06:52:27+01:00
Track fixed version for firefox-esr via unstable for mfsa2024-56 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -236,28 +236,28 @@ CVE-2017-20195 (A vulnerability was found in LUNAD3v
AreaLoad up to 1a1103182ed6
TODO: check
CVE-2024-10467 (Memory safety bugs present in Firefox 131, Firefox ESR 128.3,
and Thun ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10467
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10467
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10467
CVE-2024-10466 (By sending a specially crafted push message, a remote server
could hav ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10466
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10466
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10466
CVE-2024-10465 (A clipboard "paste" button could persist across tabs which
allowed a s ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10465
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10465
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10465
CVE-2024-10464 (Repeated writes to history interface attributes could have
been used t ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10464
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10464
@@ -267,42 +267,42 @@ CVE-2024-10468 (Potential race conditions in IndexedDB
could have caused memory
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10468
CVE-2024-10463 (Video frames could have been leaked between origins in some
situations ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10463
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10463
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10463
CVE-2024-10462 (Truncation of a long URL could have allowed origin spoofing in
a permi ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10462
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10462
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10462
CVE-2024-10461 (In multipart/x-mixed-replace responses, `Content-Disposition:
attachme ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10461
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10461
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10461
CVE-2024-10460 (The origin of an external protocol handler prompt could have
been obsc ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10460
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10460
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10460
CVE-2024-10459 (An attacker could have caused a use-after-free when
accessibility was ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10459
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10459
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10459
CVE-2024-10458 (A permission leak could have occurred from a trusted site to
an untrus ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.4.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10458
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10458
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2a5afc840d8a1c588cb6d1b49f6361910af26a8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2a5afc840d8a1c588cb6d1b49f6361910af26a8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
