Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b82d4ae7 by Salvatore Bonaccorso at 2026-06-17T06:11:49+02:00
Track fixed version for firefox-esr issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -145,25 +145,25 @@ CVE-2026-12412
CVE-2026-12398 (A command injection vulnerability was found in galaxy_ng. The
do_git_c ...)
TODO: check
CVE-2026-12330 (Incorrect boundary conditions in the Internationalization
component. T ...)
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12330
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12330
CVE-2026-12329 (Memory safety bug fixed in Thunderbird ESR 140.12. This
vulnerability ...)
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12329
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12329
CVE-2026-12328 (Memory safety bugs present in Firefox ESR 115.36, Firefox ESR
140.11, ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12328
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12328
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12328
CVE-2026-12327 (Memory safety bugs present in Firefox ESR 140.11, Thunderbird
ESR 140. ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12327
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12327
@@ -173,14 +173,14 @@ CVE-2026-12326 (Memory safety bugs present in Firefox 151
and Thunderbird 151. S
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12326
CVE-2026-12325 (Denial-of-service in the Graphics: ImageLib component. This
vulnerabil ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12325
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12325
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12325
CVE-2026-12324 (Incorrect boundary conditions in the Graphics: CanvasWebGL
component. ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12324
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12324
@@ -213,84 +213,84 @@ CVE-2026-12316 (Mitigation bypass in the DOM: Security
component. This vulnerabi
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12316
CVE-2026-12315 (Mitigation bypass in the DOM: Security component. This
vulnerability w ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12315
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12315
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12315
CVE-2026-12314 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12314
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12314
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12314
CVE-2026-12313 (Information disclosure, sandbox escape in the Security:
Process Sandbo ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12313
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12313
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12313
CVE-2026-12312 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12312
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12312
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12312
CVE-2026-12311 (Information disclosure, sandbox escape in the Security:
Process Sandbo ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12311
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12311
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12311
CVE-2026-12310 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12310
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12310
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12310
CVE-2026-12309 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12309
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12309
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12309
CVE-2026-12308 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12308
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12308
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12308
CVE-2026-12307 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12307
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12307
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12307
CVE-2026-12306 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12306
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12306
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12306
CVE-2026-12305 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12305
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12305
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12305
CVE-2026-12304 (Same-origin policy bypass in the Networking: Cookies
component. This v ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12304
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12304
@@ -300,7 +300,7 @@ CVE-2026-12303 (Information disclosure due to incorrect
boundary conditions in t
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12303
CVE-2026-12302 (Mitigation bypass in the DOM: Security component. This
vulnerability w ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12302
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12302
@@ -313,42 +313,42 @@ CVE-2026-12300 (Memory safety bug fixed in Thunderbird
152. This vulnerability w
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12300
CVE-2026-12299 (JIT miscompilation in the DOM: Core & HTML component. This
vulnerabili ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12299
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12299
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12299
CVE-2026-12298 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12298
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12298
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12298
CVE-2026-12297 (Sandbox escape due to incorrect boundary conditions in the
Networking ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12297
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12297
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12297
CVE-2026-12296 (Sandbox escape in the Security: Process Sandboxing component.
This vul ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12296
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12296
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12296
CVE-2026-12295 (Sandbox escape in the DOM: Navigation component. This
vulnerability wa ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12295
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12295
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12295
CVE-2026-12294 (Sandbox escape in the DOM: Workers component. This
vulnerability was f ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12294
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12294
@@ -358,28 +358,28 @@ CVE-2026-12293 (Use-after-free in the Graphics: WebGPU
component. This vulnerabi
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12293
CVE-2026-12292 (Incorrect boundary conditions in the Web Audio component. This
vulnera ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12292
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12292
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12292
CVE-2026-12291 (Use-after-free in the Networking: HTTP component. This
vulnerability w ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12291
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12291
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12291
CVE-2026-12290 (Memory safety bug fixed in Thunderbird 152. This vulnerability
was fix ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12290
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12290
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12290
CVE-2026-12289 (Privilege escalation in the Graphics: WebRender component.
This vulner ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12289
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12289
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b82d4ae72595baa57077be12538d4d0e77a36afd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b82d4ae72595baa57077be12538d4d0e77a36afd
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
