Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7c4ef70b by Salvatore Bonaccorso at 2024-05-15T06:17:37+02:00
Track fixed version for firefox for mfsa2024-21 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -404,56 +404,56 @@ CVE-2023-36640 (A use of externally-controlled format
string in Fortinet FortiPr
CVE-2023-35841 (Exposed IOCTL with Insufficient Access Control in Phoenix
WinFlash Dri ...)
TODO: check
CVE-2024-4778 (Memory safety bugs present in Firefox 125. Some of these bugs
showed e ...)
- - firefox <unfixed>
+ - firefox 126.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4778
CVE-2024-4777 (Memory safety bugs present in Firefox 125, Firefox ESR 115.10,
and Thu ...)
- - firefox <unfixed>
+ - firefox 126.0-1
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4777
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4777
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4777
CVE-2024-4776 (A file dialog shown while in full-screen mode could have
resulted in t ...)
- - firefox <unfixed>
+ - firefox 126.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4776
CVE-2024-4775 (An iterator stop condition was missing when handling WASM code
in the ...)
- - firefox <unfixed>
+ - firefox 126.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4775
CVE-2024-4774 (The `ShmemCharMapHashEntry()` code was susceptible to
potentially unde ...)
- - firefox <unfixed>
+ - firefox 126.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4774
CVE-2024-4773 (When a network error occurred during page load, the prior
content coul ...)
- - firefox <unfixed>
+ - firefox 126.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4773
CVE-2024-4772 (An HTTP digest authentication nonce value was generated using
`rand()` ...)
- - firefox <unfixed>
+ - firefox 126.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4772
CVE-2024-4771 (A memory allocation check was missing which would lead to a
use-after- ...)
- - firefox <unfixed>
+ - firefox 126.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4771
CVE-2024-4770 (When saving a page to PDF, certain font styles could have led
to a pot ...)
- - firefox <unfixed>
+ - firefox 126.0-1
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4770
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4770
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4769
CVE-2024-4769 (When importing resources using Web Workers, error messages
would disti ...)
- - firefox <unfixed>
+ - firefox 126.0-1
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4769
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4769
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4769
CVE-2024-4768 (A bug in popup notifications' interaction with WebAuthn made it
easier ...)
- - firefox <unfixed>
+ - firefox 126.0-1
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4768
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4768
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4768
CVE-2024-4767 (If the `browser.privatebrowsing.autostart` preference is
enabled, Inde ...)
- - firefox <unfixed>
+ - firefox 126.0-1
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4767
@@ -466,14 +466,14 @@ CVE-2024-4765 (Web application manifests were stored by
using an insecure MD5 ha
- firefox <not-affected> (Android-specific)
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4765
CVE-2024-4367 (A type check was missing when handling fonts in PDF.js, which
would al ...)
- - firefox <unfixed>
+ - firefox 126.0-1
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4367
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4367
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4367
CVE-2024-4764 (Multiple WebRTC threads could have claimed a newly connected
audio inp ...)
- - firefox <unfixed>
+ - firefox 126.0-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4764
CVE-2024-4855 (Use after free issue in editcap could cause denial of service
via craf ...)
- wireshark <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c4ef70b2b6020808c8f8b91a6202ac0cc42590d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c4ef70b2b6020808c8f8b91a6202ac0cc42590d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
