[Git][security-tracker-team/security-tracker][master] new firefox-esr issues
Moritz Muehlenhoff
jmm at debian.org
Tue Sep 3 20:09:56 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
70ab059a by Moritz Muehlenhoff at 2019-09-03T19:09:38Z
new firefox-esr issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -12365,49 +12365,85 @@ CVE-2019-11754
CVE-2019-11753
RESERVED
- firefox <not-affected> (Windows-specific)
+ - firefox-esr <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11753
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11753
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11753
CVE-2019-11752
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11752
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11752
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11752
CVE-2019-11751
RESERVED
- firefox <not-affected> (Windows-specific)
+ - firefox-esr <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11751
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11751
CVE-2019-11750
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
+ [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+ [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11750
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11750
CVE-2019-11749
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
+ [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+ [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11749
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11749
CVE-2019-11748
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
+ [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+ [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11748
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11748
CVE-2019-11747
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
+ [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+ [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11747
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11747
CVE-2019-11746
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11746
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11746
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11746
CVE-2019-11745
RESERVED
CVE-2019-11744
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11744
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11744
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11744
CVE-2019-11743
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11743
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11743
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11743
CVE-2019-11742
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11742
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11742
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11742
CVE-2019-11741
RESERVED
- firefox <unfixed>
@@ -12415,13 +12451,20 @@ CVE-2019-11741
CVE-2019-11740
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11740
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11740
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11740
CVE-2019-11739
RESERVED
CVE-2019-11738
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
+ [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+ [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11738
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11738
CVE-2019-11737
RESERVED
- firefox <unfixed>
@@ -12429,11 +12472,17 @@ CVE-2019-11737
CVE-2019-11736
RESERVED
- firefox <not-affected> (Windows-specific)
+ - firefox-esr <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11736
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11736
CVE-2019-11735
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
+ [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+ [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11735
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11735
CVE-2019-11734
RESERVED
- firefox <unfixed>
@@ -18580,7 +18629,10 @@ CVE-2019-9813 (Incorrect handling of __proto__ mutations may lead to type confus
CVE-2019-9812
RESERVED
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-9812
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-9812
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-9812
CVE-2019-9811 (As part of a winning Pwn2Own entry, a researcher demonstrated a sandbo ...)
{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
- firefox 68.0-1
=====================================
data/dsa-needed.txt
=====================================
@@ -23,6 +23,8 @@ evince/oldstable
faad2
not yet fixed upstream
--
+firefox-esr (jmm)
+--
freeimage
--
ghostscript (carnil)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70ab059a87a651b6ed52fcfcf4456fbd52368f6b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/70ab059a87a651b6ed52fcfcf4456fbd52368f6b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190903/b5e6db9b/attachment.html>
More information about the debian-security-tracker-commits
mailing list