Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7c4ef70b by Salvatore Bonaccorso at 2024-05-15T06:17:37+02:00 Track fixed version for firefox for mfsa2024-21 issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -404,56 +404,56 @@ CVE-2023-36640 (A use of externally-controlled format string in Fortinet FortiPr CVE-2023-35841 (Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Dri ...) TODO: check CVE-2024-4778 (Memory safety bugs present in Firefox 125. Some of these bugs showed e ...) - - firefox <unfixed> + - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4778 CVE-2024-4777 (Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thu ...) - - firefox <unfixed> + - firefox 126.0-1 - firefox-esr <unfixed> - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4777 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4777 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4777 CVE-2024-4776 (A file dialog shown while in full-screen mode could have resulted in t ...) - - firefox <unfixed> + - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4776 CVE-2024-4775 (An iterator stop condition was missing when handling WASM code in the ...) - - firefox <unfixed> + - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4775 CVE-2024-4774 (The `ShmemCharMapHashEntry()` code was susceptible to potentially unde ...) - - firefox <unfixed> + - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4774 CVE-2024-4773 (When a network error occurred during page load, the prior content coul ...) - - firefox <unfixed> + - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4773 CVE-2024-4772 (An HTTP digest authentication nonce value was generated using `rand()` ...) - - firefox <unfixed> + - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4772 CVE-2024-4771 (A memory allocation check was missing which would lead to a use-after- ...) - - firefox <unfixed> + - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4771 CVE-2024-4770 (When saving a page to PDF, certain font styles could have led to a pot ...) - - firefox <unfixed> + - firefox 126.0-1 - firefox-esr <unfixed> - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4770 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4770 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4769 CVE-2024-4769 (When importing resources using Web Workers, error messages would disti ...) - - firefox <unfixed> + - firefox 126.0-1 - firefox-esr <unfixed> - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4769 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4769 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4769 CVE-2024-4768 (A bug in popup notifications' interaction with WebAuthn made it easier ...) - - firefox <unfixed> + - firefox 126.0-1 - firefox-esr <unfixed> - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4768 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4768 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4768 CVE-2024-4767 (If the `browser.privatebrowsing.autostart` preference is enabled, Inde ...) - - firefox <unfixed> + - firefox 126.0-1 - firefox-esr <unfixed> - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4767 @@ -466,14 +466,14 @@ CVE-2024-4765 (Web application manifests were stored by using an insecure MD5 ha - firefox <not-affected> (Android-specific) NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4765 CVE-2024-4367 (A type check was missing when handling fonts in PDF.js, which would al ...) - - firefox <unfixed> + - firefox 126.0-1 - firefox-esr <unfixed> - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4367 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4367 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4367 CVE-2024-4764 (Multiple WebRTC threads could have claimed a newly connected audio inp ...) - - firefox <unfixed> + - firefox 126.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4764 CVE-2024-4855 (Use after free issue in editcap could cause denial of service via craf ...) - wireshark <unfixed> View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c4ef70b2b6020808c8f8b91a6202ac0cc42590d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c4ef70b2b6020808c8f8b91a6202ac0cc42590d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits