[Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Feb 17 22:04:12 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e25cd873 by Moritz Muehlenhoff at 2023-02-17T23:03:46+01:00
new thunderbird issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -758,8 +758,10 @@ CVE-2023-25744
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25744
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25744
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25744
CVE-2023-25743
RESERVED
- firefox <not-affected> (Specific to Firefox Focus)
@@ -771,8 +773,10 @@ CVE-2023-25742
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25742
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25742
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25742
CVE-2023-25741
RESERVED
- firefox 110.0-1
@@ -786,21 +790,27 @@ CVE-2023-25739
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25739
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25739
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25739
CVE-2023-25738
RESERVED
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
+ - thunderbird <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25738
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25738
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25738
CVE-2023-25737
RESERVED
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25737
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25737
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25737
CVE-2023-25736
RESERVED
- firefox 110.0-1
@@ -810,14 +820,18 @@ CVE-2023-25735
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25735
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25735
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25735
CVE-2023-25734
RESERVED
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
+ - thunderbird <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25734
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25734
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25734
CVE-2023-25733
RESERVED
- firefox 110.0-1
@@ -827,8 +841,10 @@ CVE-2023-25732
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25732
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25732
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25732
CVE-2023-25731
RESERVED
- firefox 110.0-1
@@ -838,22 +854,28 @@ CVE-2023-25730
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25730
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25730
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25730
CVE-2023-25729
RESERVED
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25729
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25729
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25729
CVE-2023-25728
RESERVED
{DSA-5350-1 DLA-3319-1}
- firefox 110.0-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-25728
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-25728
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-25728
CVE-2023-24585
RESERVED
CVE-2023-0816
@@ -1295,8 +1317,10 @@ CVE-2023-0767
- firefox 110.0-1
- nss 2:3.87.1-1
- firefox-esr 102.8.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-05/#CVE-2023-0767
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-06/#CVE-2023-0767
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0767
NOTE: https://hg.mozilla.org/projects/nss/rev/684586ec163ad4fbbf15ea2cd1ee5c2da43036ad
CVE-2023-0766
RESERVED
@@ -3000,6 +3024,8 @@ CVE-2023-0617 (A vulnerability was found in TRENDNet TEW-811DRU 1.0.10.0. It has
NOT-FOR-US: TRENDnet
CVE-2023-0616
RESERVED
+ - thunderbird <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-07/#CVE-2023-0616
CVE-2023-0615 (A memory leak flaw and potential divide by zero and Integer overflow w ...)
- linux <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2166287
=====================================
data/dsa-needed.txt
=====================================
@@ -56,7 +56,7 @@ samba
sofia-sip
Maintainer proposed debdiff for review with additional question and sent a followup
--
-sox
+sox (jmm)
patch needed for CVE-2021-40426, check with upstream
--
thunderbird (jmm)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e25cd8732ab1dc5dc4586a7e0c3e1ddb2ce6575c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e25cd8732ab1dc5dc4586a7e0c3e1ddb2ce6575c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230217/8390d1c3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list