[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr uploaded via unstable

Salvatore Bonaccorso (@carnil) Wed, 12 Nov 2025 00:26:29 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5d0e0016 by Salvatore Bonaccorso at 2025-11-12T09:24:32+01:00
Track fixed version for firefox-esr uploaded via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -467,37 +467,37 @@ CVE-2017-20210 (Photo Station 5.4.1 & 5.2.7 include the 
security fix for the vul
        NOT-FOR-US: QNAP
 CVE-2025-13015 (Spoofing issue in Firefox. This vulnerability affects Firefox 
< 145, F ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13015
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13015
 CVE-2025-13014 (Use-after-free in the Audio/Video component. This 
vulnerability affect ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13014
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13014
 CVE-2025-13020 (Use-after-free in the WebRTC: Audio/Video component. This 
vulnerabilit ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13020
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13020
 CVE-2025-13013 (Mitigation bypass in the DOM: Core & HTML component. This 
vulnerabilit ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13013
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13013
 CVE-2025-13019 (Same-origin policy bypass in the DOM: Workers component. This 
vulnerab ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13019
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13019
 CVE-2025-13018 (Mitigation bypass in the DOM: Security component. This 
vulnerability a ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13018
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13018
 CVE-2025-13017 (Same-origin policy bypass in the DOM: Notifications component. 
This vu ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13017
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13017
 CVE-2025-13026 (Sandbox escape due to incorrect boundary conditions in the 
Graphics: W ...)
@@ -511,7 +511,7 @@ CVE-2025-13024 (JIT miscompilation in the JavaScript 
Engine: JIT component. This
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13024
 CVE-2025-13016 (Incorrect boundary conditions in the JavaScript: WebAssembly 
component ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13016
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13016
 CVE-2025-13023 (Sandbox escape due to incorrect boundary conditions in the 
Graphics: W ...)
@@ -519,7 +519,7 @@ CVE-2025-13023 (Sandbox escape due to incorrect boundary 
conditions in the Graph
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13023
 CVE-2025-13012 (Race condition in the Graphics component. This vulnerability 
affects F ...)
        - firefox 145.0-1
-       - firefox-esr <unfixed>
+       - firefox-esr 140.5.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-87/#CVE-2025-13012
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-88/#CVE-2025-13012
 CVE-2025-13022 (Incorrect boundary conditions in the Graphics: WebGPU 
component. This  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d0e0016c009ff6cd9d3ed0661d2886dabf087a4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d0e0016c009ff6cd9d3ed0661d2886dabf087a4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr uploaded via unstable

Reply via email to