[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues via unstable

Salvatore Bonaccorso (@carnil) Tue, 16 Jun 2026 21:14:28 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a94967cd by Salvatore Bonaccorso at 2026-06-17T06:13:53+02:00
Track fixed version for firefox issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -155,50 +155,50 @@ CVE-2026-12329 (Memory safety bug fixed in Thunderbird 
ESR 140.12. This vulnerab
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12329
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12329
 CVE-2026-12328 (Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 
140.11,  ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12328
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12328
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12328
 CVE-2026-12327 (Memory safety bugs present in Firefox ESR 140.11, Thunderbird 
ESR 140. ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12327
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12327
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12327
 CVE-2026-12326 (Memory safety bugs present in Firefox 151 and Thunderbird 151. 
Some of ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12326
 CVE-2026-12325 (Denial-of-service in the Graphics: ImageLib component. This 
vulnerabil ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12325
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12325
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12325
 CVE-2026-12324 (Incorrect boundary conditions in the Graphics: CanvasWebGL 
component.  ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12324
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12324
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12324
 CVE-2026-12323 (Spoofing issue in the DOM: Core & HTML component. This 
vulnerability w ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12323
 CVE-2026-12322 (Clickjacking issue in the Widget: Gtk component. This 
vulnerability wa ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12322
 CVE-2026-12321 (JIT miscompilation in the JavaScript: WebAssembly component. 
This vuln ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12321
 CVE-2026-12320 (Information disclosure in the Password Manager component. This 
vulnera ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12320
 CVE-2026-12319 (Denial-of-service in the Audio/Video: Playback component. This 
vulnera ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12319
 CVE-2026-12318 (Incorrect boundary conditions in the Libraries component in 
NSS. This  ...)
        - firefox <unfixed>
@@ -206,179 +206,179 @@ CVE-2026-12318 (Incorrect boundary conditions in the 
Libraries component in NSS.
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12318
        TODO: check/clarify for src:nss
 CVE-2026-12317 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12317
 CVE-2026-12316 (Mitigation bypass in the DOM: Security component. This 
vulnerability w ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12316
 CVE-2026-12315 (Mitigation bypass in the DOM: Security component. This 
vulnerability w ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12315
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12315
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12315
 CVE-2026-12314 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12314
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12314
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12314
 CVE-2026-12313 (Information disclosure, sandbox escape in the Security: 
Process Sandbo ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12313
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12313
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12313
 CVE-2026-12312 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12312
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12312
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12312
 CVE-2026-12311 (Information disclosure, sandbox escape in the Security: 
Process Sandbo ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12311
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12311
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12311
 CVE-2026-12310 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12310
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12310
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12310
 CVE-2026-12309 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12309
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12309
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12309
 CVE-2026-12308 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12308
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12308
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12308
 CVE-2026-12307 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12307
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12307
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12307
 CVE-2026-12306 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12306
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12306
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12306
 CVE-2026-12305 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12305
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12305
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12305
 CVE-2026-12304 (Same-origin policy bypass in the Networking: Cookies 
component. This v ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12304
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12304
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12304
 CVE-2026-12303 (Information disclosure due to incorrect boundary conditions in 
the Gra ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12303
 CVE-2026-12302 (Mitigation bypass in the DOM: Security component. This 
vulnerability w ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12302
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12302
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12302
 CVE-2026-12301 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12301
 CVE-2026-12300 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12300
 CVE-2026-12299 (JIT miscompilation in the DOM: Core & HTML component. This 
vulnerabili ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12299
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12299
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12299
 CVE-2026-12298 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12298
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12298
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12298
 CVE-2026-12297 (Sandbox escape due to incorrect boundary conditions in the 
Networking  ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12297
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12297
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12297
 CVE-2026-12296 (Sandbox escape in the Security: Process Sandboxing component. 
This vul ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12296
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12296
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12296
 CVE-2026-12295 (Sandbox escape in the DOM: Navigation component. This 
vulnerability wa ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12295
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12295
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12295
 CVE-2026-12294 (Sandbox escape in the DOM: Workers component. This 
vulnerability was f ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12294
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12294
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12294
 CVE-2026-12293 (Use-after-free in the Graphics: WebGPU component. This 
vulnerability w ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12293
 CVE-2026-12292 (Incorrect boundary conditions in the Web Audio component. This 
vulnera ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12292
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12292
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12292
 CVE-2026-12291 (Use-after-free in the Networking: HTTP component. This 
vulnerability w ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12291
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12291
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12291
 CVE-2026-12290 (Memory safety bug fixed in Thunderbird 152. This vulnerability 
was fix ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12290
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12290
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12290
 CVE-2026-12289 (Privilege escalation in the Graphics: WebRender component. 
This vulner ...)
-       - firefox <unfixed>
+       - firefox 152.0-1
        - firefox-esr 140.12.0esr-1
        - thunderbird <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12289



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a94967cdf626bc84d78f5f72625ba245495f3af0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a94967cdf626bc84d78f5f72625ba245495f3af0
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues via unstable

Reply via email to