Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64951bf9 by Salvatore Bonaccorso at 2025-05-19T06:34:25+02:00
Update CVEs for firefox-esr and firefsox from mfsa2025-36 and mfsa2025-37
The original CVEs got rejected in as they were duplicates of
CVE-2025-4918 and CVE-2025-4919. Update our tracking accordingly.
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49,10 +49,16 @@ CVE-2025-4867 (A vulnerability was found in Tenda A15
15.13.07.13. It has been d
CVE-2025-48219 (O2 UK through 2025-05-17 allows subscribers to determine the
Cell ID o ...)
NOT-FOR-US: O2 UK
CVE-2025-4919 (An attacker was able to perform an out-of-bounds read or write
on a Ja ...)
- - firefox-esr <not-affected> (Only affects the 115 series of Firefox
ESR)
+ - firefox 138.0.4-1
+ - firefox-esr 128.10.1esr-1
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-36/#CVE-2025-4919
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-37/#CVE-2025-4919
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-38/#CVE-2025-4919
CVE-2025-4918 (An attacker was able to perform an out-of-bounds read or write
on a Ja ...)
- - firefox-esr <not-affected> (Only affects the 115 series of Firefox
ESR)
+ - firefox 138.0.4-1
+ - firefox-esr 128.10.1esr-1
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-36/#CVE-2025-4918
+ NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-37/#CVE-2025-4918
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-38/#CVE-2025-4918
CVE-2025-4866 (A vulnerability was found in weibocom rill-flow 0.1.18. It has
been cl ...)
NOT-FOR-US: rill-flow
@@ -106,18 +112,8 @@ CVE-2025-3715 (The Bold Page Builder plugin for WordPress
is vulnerable to Store
NOT-FOR-US: WordPress plugin
CVE-2025-4921
REJECTED
- {DSA-5922-1}
- - firefox 138.0.4-1
- - firefox-esr 128.10.1esr-1
- NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-36/#CVE-2025-4921
- NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-37/#CVE-2025-4921
CVE-2025-4920
REJECTED
- {DSA-5922-1}
- - firefox 138.0.4-1
- - firefox-esr 128.10.1esr-1
- NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-36/#CVE-2025-4920
- NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-37/#CVE-2025-4920
CVE-2025-4836 (A vulnerability was found in Projectworlds Life Insurance
Management S ...)
NOT-FOR-US: Project Worlds
CVE-2025-4835 (A vulnerability was found in TOTOLINK A702R, A3002R and A3002RU
3.0.0- ...)
=====================================
data/DSA/list
=====================================
@@ -2,7 +2,7 @@
{CVE-2025-46836}
[bookworm] - net-tools 2.10-0.1+deb12u1
[18 May 2025] DSA-5922-1 firefox-esr - security update
- {CVE-2025-4920 CVE-2025-4921}
+ {CVE-2025-4918 CVE-2025-4919}
[bookworm] - firefox-esr 128.10.1esr-1~deb12u1
[16 May 2025] DSA-5921-1 thunderbird - security update
{CVE-2025-3875 CVE-2025-3877 CVE-2025-3909 CVE-2025-3932}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64951bf92ddd21e15c0bbb1b4567fd9b876e1c9b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64951bf92ddd21e15c0bbb1b4567fd9b876e1c9b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
