Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e5574921 by Salvatore Bonaccorso at 2025-06-11T22:19:39+02:00
Remove annotations related to rejected CVE-2025-3877
As per mozilla: remove CVE-2025-3877 which was mistakenly marked as
fixed. This vulnerability was fixed in Thunderbird 128.11.1/139.0.2
under the identifier CVE-2025-5986.
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8325,9 +8325,6 @@ CVE-2025-3909 (Thunderbird's handling of the
X-Mozilla-External-Attachment-URL h
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3909
CVE-2025-3877
REJECTED
- {DSA-5921-1 DLA-4167-1}
- - thunderbird 1:128.10.1esr-1
- NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2025-34/#CVE-2025-3877
CVE-2025-3875 (Thunderbird parses addresses in a way that can allow sender
spoofing i ...)
{DSA-5921-1 DLA-4167-1}
- thunderbird 1:128.10.1esr-1
=====================================
data/DLA/list
=====================================
@@ -135,7 +135,7 @@
{CVE-2024-10394 CVE-2024-10396 CVE-2024-10397}
[bullseye] - openafs 1.8.6-5+deb11u1
[16 May 2025] DLA-4167-1 thunderbird - security update
- {CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 CVE-2025-4083 CVE-2025-4087
CVE-2025-4091 CVE-2025-4093 CVE-2025-3875 CVE-2025-3877 CVE-2025-3909
CVE-2025-3932}
+ {CVE-2025-2830 CVE-2025-3522 CVE-2025-3523 CVE-2025-4083 CVE-2025-4087
CVE-2025-4091 CVE-2025-4093 CVE-2025-3875 CVE-2025-3909 CVE-2025-3932}
[bullseye] - thunderbird 1:128.10.1esr-1~deb11u1
[16 May 2025] DLA-4166-1 xrdp - security update
{CVE-2023-40184 CVE-2023-42822 CVE-2024-39917}
=====================================
data/DSA/list
=====================================
@@ -62,7 +62,7 @@
{CVE-2025-4918 CVE-2025-4919}
[bookworm] - firefox-esr 128.10.1esr-1~deb12u1
[16 May 2025] DSA-5921-1 thunderbird - security update
- {CVE-2025-3875 CVE-2025-3877 CVE-2025-3909 CVE-2025-3932}
+ {CVE-2025-3875 CVE-2025-3909 CVE-2025-3932}
[bookworm] - thunderbird 1:128.10.1esr-1~deb12u1
[15 May 2025] DSA-5920-1 chromium - security update
{CVE-2025-4609 CVE-2025-4664}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5574921266afca9ac86d1bb44bb017694cfea05
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5574921266afca9ac86d1bb44bb017694cfea05
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
