[Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff
jmm at debian.org
Fri Dec 6 22:11:02 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
980643e6 by Moritz Muehlenhoff at 2019-12-06T22:10:36Z
new thunderbird issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -11252,32 +11252,42 @@ CVE-2019-17012
RESERVED
- firefox 71.0-1
- firefox-esr 68.3.0esr-1
+ - thunderbird 1:68.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17012
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17012
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17012
CVE-2019-17011
RESERVED
- firefox 71.0-1
- firefox-esr 68.3.0esr-1
+ - thunderbird 1:68.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17011
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17011
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17011
CVE-2019-17010
RESERVED
- firefox 71.0-1
- firefox-esr 68.3.0esr-1
+ - thunderbird 1:68.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17010
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17010
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17010
CVE-2019-17009
RESERVED
- firefox <not-affected> (Updater not used in Debian packages)
- firefox-esr <not-affected> (Updater not used in Debian packages)
+ - thunderbird <not-affected> (Updater not used in Debian packages)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17009
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17009
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17009
CVE-2019-17008
RESERVED
- firefox 71.0-1
- firefox-esr 68.3.0esr-1
+ - thunderbird 1:68.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17008
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17008
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17008
CVE-2019-17007 [nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS]
RESERVED
{DLA-2015-1}
@@ -11293,8 +11303,10 @@ CVE-2019-17005
RESERVED
- firefox 71.0-1
- firefox-esr 68.3.0esr-1
+ - thunderbird 1:68.3.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17005
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17005
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17005
CVE-2019-17004
RESERVED
CVE-2019-17003
@@ -21228,8 +21240,10 @@ CVE-2019-13722
RESERVED
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
+ - thunderbird <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-13722
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-13722
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-13722
CVE-2019-13721 (Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowe ...)
{DSA-4562-1}
- chromium 78.0.3904.87-1
=====================================
data/dsa-needed.txt
=====================================
@@ -69,6 +69,8 @@ squid3/oldstable
sssd
Maintainer prepared an update and proposed debdiff, acked for upload, but update needs further testing before release.
--
+thunderbird (jmm)
+--
tiff
Maintainer working on updates
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/980643e6c2d264f2f90afb12e14065a9e3bd5469
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/980643e6c2d264f2f90afb12e14065a9e3bd5469
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191206/8961e9be/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list