[Git][security-tracker-team/security-tracker][master] new tb issues

Fri Feb 15 08:18:32 GMT 2019

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
08734fbd by Moritz Muehlenhoff at 2019-02-15T08:17:53Z
new tb issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5965,9 +5965,11 @@ CVE-2019-5785
 	{DSA-4391-1}
 	- firefox 65.0.1-1
 	- firefox-esr 60.5.1esr-1
+	- thunderbird <unfixed>
 	- skia <itp> (bug #818180)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2019-5785
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2019-5785
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2019-5785
 CVE-2019-5784
 	RESERVED
 	- chromium <unfixed>
@@ -23672,6 +23674,8 @@ CVE-2018-18510
 	RESERVED
 CVE-2018-18509
 	RESERVED
+	- thunderbird <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18511
 CVE-2018-18508 [NULL pointer dereference in several CMS functions resulting in a denial of service]
 	RESERVED
 	- nss 2:3.42.1-1 (bug #921614)
@@ -24131,9 +24135,11 @@ CVE-2018-18356 (An integer overflow in path handling lead to a use after free in
 	- chromium 71.0.3578.80-1
 	- firefox 65.0.1-1
 	- firefox-esr 60.5.1esr-1
+	- thunderbird <unfixed>
 	- skia <itp> (bug #818180)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18356
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18356
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18356
 CVE-2018-18355 (Incorrect handling of confusable characters in URL Formatter in Google ...)
 	{DSA-4352-1}
 	- chromium 71.0.3578.80-1
@@ -24198,8 +24204,10 @@ CVE-2018-18335 (Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578
 	{DSA-4352-1}
 	- chromium 71.0.3578.80-1
 	- firefox-esr <not-affected> (Only affects MacOS specific which had Canvas 2D acceleration enabled)
+	- thunderbird <not-affected> (Only affects MacOS specific which had Canvas 2D acceleration enabled)
 	- skia <itp> (bug #818180)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18335
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18335
 CVE-2018-18334 (A vulnerability in the Private Browser of Trend Micro Dr. Safety for ...)
 	NOT-FOR-US: Trend Micro
 CVE-2018-18333 (A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/08734fbd225838712c4433b1abf4862a1a355291

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/08734fbd225838712c4433b1abf4862a1a355291
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190215/54f79d0d/attachment.html>
