[Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 31 09:30:21 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
006b92fb by Moritz Muehlenhoff at 2023-08-31T10:29:45+02:00
new thunderbird issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -355,44 +355,65 @@ CVE-2023-4585
[bookworm] - firefox-esr <not-affected> (ESR 102 not affected)
[bullseye] - firefox-esr <not-affected> (ESR 102 not affected)
[buster] - firefox-esr <not-affected> (ESR 102 not affected)
+ - thunderbird 1:115.2.0-1
+ [bookworm] - thunderbird <not-affected> (ESR 102 not affected)
+ [bullseye] - thunderbird <not-affected> (ESR 102 not affected)
+ [buster] - thunderbird <not-affected> (ESR 102 not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4585
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4585
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4585
CVE-2023-4584
{DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
+ - thunderbird 1:115.2.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4584
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4584
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4584
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4584
CVE-2023-4583
- firefox 117.0-1
- firefox-esr 115.2.0esr-1
[bookworm] - firefox-esr <not-affected> (ESR 102 not affected)
[bullseye] - firefox-esr <not-affected> (ESR 102 not affected)
[buster] - firefox-esr <not-affected> (ESR 102 not affected)
+ - thunderbird 1:115.2.0-1
+ [bookworm] - thunderbird <not-affected> (ESR 102 not affected)
+ [bullseye] - thunderbird <not-affected> (ESR 102 not affected)
+ [buster] - thunderbird <not-affected> (ESR 102 not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4583
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4583
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4583
CVE-2023-4582
- firefox-esr <not-affected> (MacOS-specific)
- firefox <not-affected> (MacOS-specific)
+ - thunderbird <not-affected> (MacOS-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4582
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4582
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4582
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4582
CVE-2023-4581
{DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
+ - thunderbird 1:115.2.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4581
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4581
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4581
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4581
CVE-2023-4580
- firefox 117.0-1
- firefox-esr 115.2.0esr-1
[bookworm] - firefox-esr <not-affected> (ESR 102 not affected)
[bullseye] - firefox-esr <not-affected> (ESR 102 not affected)
[buster] - firefox-esr <not-affected> (ESR 102 not affected)
+ - thunderbird 1:115.2.0-1
+ [bookworm] - thunderbird <not-affected> (ESR 102 not affected)
+ [bullseye] - thunderbird <not-affected> (ESR 102 not affected)
+ [buster] - thunderbird <not-affected> (ESR 102 not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4580
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4580
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4580
CVE-2023-4579
- firefox 117.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4579
@@ -402,44 +423,62 @@ CVE-2023-4578
[bookworm] - firefox-esr <not-affected> (ESR 102 not affected)
[bullseye] - firefox-esr <not-affected> (ESR 102 not affected)
[buster] - firefox-esr <not-affected> (ESR 102 not affected)
+ - thunderbird 1:115.2.0-1
+ [bookworm] - thunderbird <not-affected> (ESR 102 not affected)
+ [bullseye] - thunderbird <not-affected> (ESR 102 not affected)
+ [buster] - thunderbird <not-affected> (ESR 102 not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4578
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4578
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4578
CVE-2023-4577
- firefox-esr 115.2.0esr-1
[bookworm] - firefox-esr <not-affected> (ESR 102 not affected)
[bullseye] - firefox-esr <not-affected> (ESR 102 not affected)
[buster] - firefox-esr <not-affected> (ESR 102 not affected)
- firefox 117.0-1
+ - thunderbird 1:115.2.0-1
+ [bookworm] - thunderbird <not-affected> (ESR 102 not affected)
+ [bullseye] - thunderbird <not-affected> (ESR 102 not affected)
+ [buster] - thunderbird <not-affected> (ESR 102 not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4577
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4577
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4577
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4577
CVE-2023-4576
- firefox-esr <not-affected> (Windows-specific)
- firefox <not-affected> (Windows-specific)
+ - thunderbird <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4576
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4576
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4576
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4576
CVE-2023-4575
{DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
+ - thunderbird 1:115.2.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4575
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4575
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4575
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4575
CVE-2023-4574
{DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
+ - thunderbird 1:115.2.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4574
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4574
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4574
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4574
CVE-2023-4573
{DSA-5485-1}
- firefox-esr 115.2.0esr-1
- firefox 117.0-1
+ - thunderbird 1:115.2.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-34/#CVE-2023-4573
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-35/#CVE-2023-4573
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4573
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4573
CVE-2023-41363 (In Cerebrate 1.14, a vulnerability in UserSettingsController allows au ...)
NOT-FOR-US: Cerebrate
CVE-2023-41361 (An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not ...)
@@ -4154,8 +4193,13 @@ CVE-2023-4053 (A website could have obscured the full screen notification by usi
[bookworm] - firefox-esr <not-affected> (ESR 102 not affected)
[bullseye] - firefox-esr <not-affected> (ESR 102 not affected)
[buster] - firefox-esr <not-affected> (ESR 102 not affected)
+ - thunderbird 1:115.2.0-1
+ [bookworm] - thunderbird <not-affected> (ESR 102 not affected)
+ [bullseye] - thunderbird <not-affected> (ESR 102 not affected)
+ [buster] - thunderbird <not-affected> (ESR 102 not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4053
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4053
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4053
CVE-2023-4052 (The Firefox updater created a directory writable by non-privileged use ...)
- firefox <not-affected> (Affects only Firefox on Windows)
- firefox-esr <not-affected> (Affects only Firefox ESR 115.0.1 on Windows)
@@ -4169,8 +4213,13 @@ CVE-2023-4051 (A website could have obscured the full screen notification by usi
[bookworm] - firefox-esr <not-affected> (ESR 102 not affected)
[bullseye] - firefox-esr <not-affected> (ESR 102 not affected)
[buster] - firefox-esr <not-affected> (ESR 102 not affected)
+ - thunderbird 1:115.2.0-1
+ [bookworm] - thunderbird <not-affected> (ESR 102 not affected)
+ [bullseye] - thunderbird <not-affected> (ESR 102 not affected)
+ [buster] - thunderbird <not-affected> (ESR 102 not affected)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-29/#CVE-2023-4051
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-36/#CVE-2023-4051
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-38/#CVE-2023-4051
CVE-2023-4050 (In some cases, an untrusted input stream was copied to a stack buffer ...)
{DSA-5469-1 DSA-5464-1 DLA-3523-1 DLA-3521-1}
- firefox 116.0-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/006b92fb85399064b4dc56f831671a6e9375c630
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/006b92fb85399064b4dc56f831671a6e9375c630
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230831/d8eadb6c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list