[Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff
jmm at debian.org
Mon Oct 8 22:30:50 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
406bf910 by Moritz Muehlenhoff at 2018-10-08T21:30:17Z
new thunderbird issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -13918,8 +13918,10 @@ CVE-2018-12385
{DSA-4304-1}
- firefox 62.0.2-1
- firefox-esr 60.2.1esr-1
+ - thunderbird 1:60.2.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-22/#CVE-2018-12385
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/#CVE-2018-12385
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12385
CVE-2018-12384 [ServerHello.random is all zero when handling a v2-compatible ClientHello]
RESERVED
- nss 2:3.39-1 (low; bug #908332)
@@ -13934,8 +13936,10 @@ CVE-2018-12383
{DSA-4304-1}
- firefox 62.0-1
- firefox-esr 60.2.1esr-1
+ - thunderbird 1:60.2.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12383
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/#CVE-2018-12383
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12383
CVE-2018-12382
RESERVED
- firefox <not-affected> (Android-specific)
@@ -13953,29 +13957,37 @@ CVE-2018-12379
- firefox 62.0-1 (unimportant)
- firefox-esr 60.2.0esr-1 (unimportant)
[stretch] - firefox-esr 60.2.0esr-1~deb9u2
+ - thunderbird 1:60.2.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12379
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12379
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12379
CVE-2018-12378
RESERVED
{DSA-4287-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
+ - thunderbird 1:60.2.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12378
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12378
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12378
CVE-2018-12377
RESERVED
{DSA-4287-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
+ - thunderbird 1:60.2.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12377
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12377
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12377
CVE-2018-12376
RESERVED
{DSA-4287-1}
- firefox 62.0-1
- firefox-esr 60.2.0esr-1
+ - thunderbird 1:60.2.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12376
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12376
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12376
CVE-2018-12375
RESERVED
- firefox 62.0-1
@@ -51035,10 +51047,12 @@ CVE-2017-16541 (Tor Browser before 7.0.9 on macOS and Linux allows remote attack
- firefox 62.0-1 (unimportant)
- firefox-esr 60.2.0esr-1 (unimportant)
[stretch] - firefox-esr 60.2.0esr-1~deb9u2
+ - thunderbird 1:60.2.1-1
NOTE: https://trac.torproject.org/projects/tor/ticket/24052
NOTE: https://blog.torproject.org/tor-browser-709-released
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2017-16541
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2017-16541
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2017-16541
CVE-2017-16540 (OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database ...)
NOT-FOR-US: OpenEMR
CVE-2017-16539 (The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -75,6 +75,8 @@ sssd
--
symfony
--
+thunderbird (jmm)
+--
wesnoth-1.12
--
wireshark (jmm)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/406bf91042e71710a2257dbc95e915d5949d610e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/406bf91042e71710a2257dbc95e915d5949d610e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181008/44baebd4/attachment.html>
More information about the debian-security-tracker-commits
mailing list