[Git][security-tracker-team/security-tracker][master] new thunderbird issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Feb 17 22:04:12 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e25cd873 by Moritz Muehlenhoff at 2023-02-17T23:03:46+01:00
new thunderbird issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -758,8 +758,10 @@ CVE-2023-25744
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25744
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25744
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25744
 CVE-2023-25743
 	RESERVED
 	- firefox <not-affected> (Specific to Firefox Focus)
@@ -771,8 +773,10 @@ CVE-2023-25742
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25742
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25742
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25742
 CVE-2023-25741
 	RESERVED
 	- firefox 110.0-1
@@ -786,21 +790,27 @@ CVE-2023-25739
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25739
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25739
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25739
 CVE-2023-25738
 	RESERVED
 	- firefox <not-affected> (Windows-specific)
 	- firefox-esr <not-affected> (Windows-specific)
+	- thunderbird <not-affected> (Windows-specific)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25738
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25738
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25738
 CVE-2023-25737
 	RESERVED
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25737
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25737
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25737
 CVE-2023-25736
 	RESERVED
 	- firefox 110.0-1
@@ -810,14 +820,18 @@ CVE-2023-25735
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25735
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25735
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25735
 CVE-2023-25734
 	RESERVED
 	- firefox <not-affected> (Windows-specific)
 	- firefox-esr <not-affected> (Windows-specific)
+	- thunderbird <not-affected> (Windows-specific)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25734
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25734
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25734
 CVE-2023-25733
 	RESERVED
 	- firefox 110.0-1
@@ -827,8 +841,10 @@ CVE-2023-25732
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25732
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25732
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25732
 CVE-2023-25731
 	RESERVED
 	- firefox 110.0-1
@@ -838,22 +854,28 @@ CVE-2023-25730
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25730
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25730
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25730
 CVE-2023-25729
 	RESERVED
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25729
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25729
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25729
 CVE-2023-25728
 	RESERVED
 	{DSA-5350-1 DLA-3319-1}
 	- firefox 110.0-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25728
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25728
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25728
 CVE-2023-24585
 	RESERVED
 CVE-2023-0816
@@ -1295,8 +1317,10 @@ CVE-2023-0767
 	- firefox 110.0-1
 	- nss 2:3.87.1-1
 	- firefox-esr 102.8.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-0767
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767
 	NOTE: https://hg.mozilla.org/projects/nss/rev/684586ec163ad4fbbf15ea2cd1ee5c2da43036ad
 CVE-2023-0766
 	RESERVED
@@ -3000,6 +3024,8 @@ CVE-2023-0617 (A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has
 	NOT-FOR-US: TRENDnet
 CVE-2023-0616
 	RESERVED
+	- thunderbird <unfixed>
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0616
 CVE-2023-0615 (A memory leak flaw and potential divide by zero and Integer overflow w ...)
 	- linux <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2166287


=====================================
data/dsa-needed.txt
=====================================
@@ -56,7 +56,7 @@ samba
 sofia-sip
   Maintainer proposed debdiff for review with additional question and sent a followup
 --
-sox
+sox (jmm)
   patch needed for CVE-2021-40426, check with upstream
 --
 thunderbird (jmm)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e25cd8732ab1dc5dc4586a7e0c3e1ddb2ce6575c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e25cd8732ab1dc5dc4586a7e0c3e1ddb2ce6575c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230217/8390d1c3/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list