[Git][security-tracker-team/security-tracker][master] "new" firefox issue
Moritz Muehlenhoff
jmm at debian.org
Fri Jul 10 23:08:05 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cc68fd18 by Moritz Muehlenhoff at 2020-07-11T00:07:38+02:00
"new" firefox issue
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7967,11 +7967,13 @@ CVE-2020-12415 (When "%2F" was present in a manifest URL, Firefox's AppCache beh
- firefox 78.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-24/#CVE-2020-12415
CVE-2020-12414 (IndexedDB should be cleared when leaving private browsing mode and it ...)
- TODO: check
+ - firefox <not-affected> (Specific to Firefox on iOS)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-23/#CVE-2020-12414
CVE-2020-12413
RESERVED
CVE-2020-12412 (By navigating a tab using the history API, an attacker could cause the ...)
- TODO: check
+ - firefox 70.0-1
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-23/#CVE-2020-12414
CVE-2020-12411 (Mozilla developers reported memory safety bugs present in Firefox 76. ...)
- firefox 77.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-20/#CVE-2020-12411
@@ -56482,8 +56484,10 @@ CVE-2019-14102
RESERVED
CVE-2019-14101
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2019-14100
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2019-14099
RESERVED
CVE-2019-14098 (Possible buffer overflow in data offload handler due to lack of check ...)
@@ -56498,6 +56502,7 @@ CVE-2019-14094 (Integer overflow in diag command handler when user inputs a larg
NOT-FOR-US: Snapdragon
CVE-2019-14093
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2019-14092 (System Services exports services without permission protect and can le ...)
NOT-FOR-US: Snapdragon
CVE-2019-14091 (Double free issue in NPU due to lack of resource locking mechanism to ...)
@@ -56610,6 +56615,7 @@ CVE-2019-14038 (Buffer over-read in ADSP parse function due to lack of check for
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14037
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2019-14036 (Possible buffer overflow issue in error processing due to improper val ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14035
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc68fd181e28022c068d88cc05a802dae51e074e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc68fd181e28022c068d88cc05a802dae51e074e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200710/b9f2bef5/attachment.html>
More information about the debian-security-tracker-commits
mailing list