[Git][security-tracker-team/security-tracker][master] new thunderbird issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Dec 20 16:19:10 GMT 2021



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
74aea47a by Moritz Muehlenhoff at 2021-12-20T17:18:44+01:00
new thunderbird issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -468,6 +468,8 @@ CVE-2021-4127
 	RESERVED
 CVE-2021-4126
 	RESERVED
+	- thunderbird 1:91.4.1-1
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-55/#CVE-2021-4126
 CVE-2021-26264
 	RESERVED
 CVE-2021-23173
@@ -2344,6 +2346,8 @@ CVE-2021-44538 (The olm_session_describe function in Matrix libolm before 3.2.7
 	- olm 3.2.8~dfsg-1 (bug #1001664)
 	[buster] - olm <not-affected> (Vulnerable code introduced later)
 	- node-matrix-js-sdk <unfixed>
+	- thunderbird 1:91.4.1-1
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-55/#CVE-2021-4126
 	NOTE: https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk/
 	NOTE: Introduced by: https://gitlab.matrix.org/matrix-org/olm/-/commit/39a1ee0b18f0fced6d7bc293cc9a46ea70ec9e96 (3.1.4)
 	NOTE: Fixed by: https://gitlab.matrix.org/matrix-org/olm/-/commit/c23ce70fc66c26db5839ddb5a3b46d4c3d3abed6 (3.2.8)
@@ -8129,7 +8133,7 @@ CVE-2021-3916 (bookstack is vulnerable to Improper Limitation of a Pathname to a
 CVE-2015-10001 (The WP-Stats WordPress plugin before 2.52 does not have CSRF check whe ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-43083 (Apache PLC4X - PLC4C (Only the C language implementation was effected) ...)
-	NOT-FOR-US: Apche PLC4X
+	NOT-FOR-US: Apache PLC4X
 CVE-2021-43082 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
 	- trafficserver 9.1.1+ds-1
 	[bullseye] - trafficserver <not-affected> (Vulnerable code not present, introduced in 9.x)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74aea47a0e4cefcc558f29332e64e23b4bbb6335

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74aea47a0e4cefcc558f29332e64e23b4bbb6335
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211220/4d61fbb0/attachment.htm>


More information about the debian-security-tracker-commits mailing list