[Git][security-tracker-team/security-tracker][master] Fixes for mfsa2019-14/firefox-esr adressed in unstable
Salvatore Bonaccorso
carnil at debian.org
Wed May 22 08:31:46 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bcb5eacc by Salvatore Bonaccorso at 2019-05-22T07:31:11Z
Fixes for mfsa2019-14/firefox-esr adressed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1218,7 +1218,7 @@ CVE-2019-11699
CVE-2019-11698
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11698
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11698
CVE-2019-11697
@@ -1242,19 +1242,19 @@ CVE-2019-11694
CVE-2019-11693
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11693
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693
CVE-2019-11692
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11692
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11692
CVE-2019-11691
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11691
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11691
CVE-2019-11690 (gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 la ...)
@@ -6555,13 +6555,13 @@ CVE-2019-9821
CVE-2019-9820
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9820
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9820
CVE-2019-9819
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9819
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9819
CVE-2019-9818
@@ -6573,13 +6573,13 @@ CVE-2019-9818
CVE-2019-9817
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9817
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9817
CVE-2019-9816
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9816
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9816
CVE-2019-9815
@@ -6642,7 +6642,7 @@ CVE-2019-9801 (Firefox will accept any registered Program ID as an external prot
CVE-2019-9800
RESERVED
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9800
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9800
CVE-2019-9799 (Insufficient bounds checking of data during inter-process communicatio ...)
@@ -6653,7 +6653,7 @@ CVE-2019-9798 (On Android systems, Firefox can load a library from APITRACE_LIB,
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9798
CVE-2019-9797 (Cross-origin images can be read in violation of the same-origin policy ...)
- firefox 66.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9797
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9797
CVE-2019-9796 (A use-after-free vulnerability can occur when the SMIL animation contr ...)
@@ -12949,7 +12949,7 @@ CVE-2019-7317 (png_image_free in png.c in libpng 1.6.36 has a use-after-free bec
{DSA-4435-1}
- libpng1.6 1.6.36-4 (bug #921355)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803
NOTE: https://github.com/glennrp/libpng/issues/275
NOTE: https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
@@ -16670,7 +16670,7 @@ CVE-2019-5798
RESERVED
{DSA-4421-1}
- chromium 73.0.3683.75-1
- - firefox-esr <unfixed>
+ - firefox-esr 60.7.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-5798
CVE-2019-5797
RESERVED
@@ -34965,8 +34965,10 @@ CVE-2018-18512 (A use-after-free vulnerability can occur while playing a sound n
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2018-18512
CVE-2018-18511 (Cross-origin images can be read from a canvas element in violation of ...)
- firefox 65.0.1-1
+ - firefox-esr 60.7.0esr-1
- skia <itp> (bug #818180)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2018-18511
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2018-18511
CVE-2018-18510 (The about:crashcontent and about:crashparent pages can be triggered by ...)
- firefox 64.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/#CVE-2018-18510
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bcb5eacc8e793546541a0a161872fe1e5df1248a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bcb5eacc8e793546541a0a161872fe1e5df1248a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190522/ed20fa19/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list