[Git][security-tracker-team/security-tracker][master] new firefox-esr issues

Moritz Muehlenhoff jmm at debian.org
Wed Sep 5 17:08:02 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
744ecf13 by Moritz Muehlenhoff at 2018-09-05T16:07:38Z
new firefox-esr issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -10138,25 +10138,35 @@ CVE-2018-12382
 CVE-2018-12381
 	RESERVED
 	- firefox <not-affected> (Windows-specific)
+	- firefox-esr <not-affected> (Windows-specific)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12381
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12381
 CVE-2018-12380
 	RESERVED
 CVE-2018-12379
 	RESERVED
 	- firefox <unfixed> (unimportant)
+	- firefox-esr <unfixed> (unimportant)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12379
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12379
 CVE-2018-12378
 	RESERVED
 	- firefox <unfixed>
+	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12378
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12378
 CVE-2018-12377
 	RESERVED
 	- firefox <unfixed>
+	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12377
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12377
 CVE-2018-12376
 	RESERVED
 	- firefox <unfixed>
+	- firefox-esr <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12376
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12376
 CVE-2018-12375
 	RESERVED
 	- firefox <unfixed>
@@ -47005,9 +47015,11 @@ CVE-2017-16542 (Zoho ManageEngine Applications Manager 13 before build 13500 all
 	NOT-FOR-US: Zoho
 CVE-2017-16541 (Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to ...)
 	- firefox <unfixed>
+	- firefox-esr <unfixed>
 	NOTE: https://trac.torproject.org/projects/tor/ticket/24052
 	NOTE: https://blog.torproject.org/tor-browser-709-released
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2017-16541
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2017-16541
 CVE-2017-16540 (OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database ...)
 	NOT-FOR-US: OpenEMR
 CVE-2017-16539 (The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -24,6 +24,8 @@ chromium-browser
 --
 enigmail
 --
+firefox-esr (jmm)
+--
 ghostscript (jmm)
   needs some research on issues found by Tavis
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/744ecf13076b7c8323f66c143728f81b701404ad

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/744ecf13076b7c8323f66c143728f81b701404ad
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180905/9aed8fdc/attachment.html>

More information about the debian-security-tracker-commits mailing list