[Git][security-tracker-team/security-tracker][master] Add CVE-2021-29955/{firefox,firefox-esr}
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 24 22:25:17 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
21424b97 by Salvatore Bonaccorso at 2021-06-24T23:25:03+02:00
Add CVE-2021-29955/{firefox,firefox-esr}
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12981,7 +12981,10 @@ CVE-2021-29956 (OpenPGP secret keys that were imported using Thunderbird version
- thunderbird 1:78.10.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-22/#CVE-2021-29956
CVE-2021-29955 (A transient execution vulnerability, named Floating Point Value Inject ...)
- TODO: check
+ - firefox 87.0-1
+ - firefox-esr 78.9.0esr-1
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-10/#CVE-2021-29955
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/#CVE-2021-29955
CVE-2021-29954 (Proxy functionality built into Hubs Cloud’s Reticulum software a ...)
TODO: check
CVE-2021-29953 (A malicious webpage could have forced a Firefox for Android user into ...)
=====================================
data/DLA/list
=====================================
@@ -250,7 +250,7 @@
{CVE-2020-11022 CVE-2020-11023}
[stretch] - jquery 3.1.1-2+deb9u2
[25 Mar 2021] DLA-2607-1 firefox-esr - security update
- {CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987}
+ {CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-29955}
[stretch] - firefox-esr 78.9.0esr-1~deb9u1
[24 Mar 2021] DLA-2606-1 lxml - security update
{CVE-2021-28957}
=====================================
data/DSA/list
=====================================
@@ -175,7 +175,7 @@
{CVE-2021-3449}
[buster] - openssl 1.1.1d-0+deb10u6
[24 Mar 2021] DSA-4874-1 firefox-esr - security update
- {CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987}
+ {CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-29955}
[buster] - firefox-esr 78.9.0esr-1~deb10u1
[23 Mar 2021] DSA-4873-1 squid - security update
{CVE-2020-25097}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21424b971d5d5603941665e5b9ab699ddd35aac4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21424b971d5d5603941665e5b9ab699ddd35aac4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210624/96b4c635/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list