[Git][security-tracker-team/security-tracker][master] add old firefox/thunderbird issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jan 3 07:42:50 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
27974933 by Moritz Muehlenhoff at 2023-01-03T08:42:16+01:00
add old firefox/thunderbird issue

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -83120,7 +83120,10 @@ CVE-2021-4129 (Mozilla developers and community members Julian Hector, Randell J
 CVE-2021-4128 (When transitioning in and out of fullscreen mode, a graphics object wa ...)
 	TODO: check
 CVE-2021-4127 (An out of date graphics library (Angle) likely contained vulnerabiliti ...)
-	TODO: check
+	- firefox-esr 78.9.0esr-1
+	- thunderbird 1:78.9.0-1
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-11/#CVE-2021-4127
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-12/#CVE-2021-4127
 CVE-2021-4126 (When receiving an OpenPGP/MIME signed email message that contains an a ...)
 	{DSA-5034-1 DLA-2874-1}
 	- thunderbird 1:91.4.1-1


=====================================
data/DSA/list
=====================================
@@ -1447,13 +1447,13 @@
 	{CVE-2020-27918 CVE-2020-29623 CVE-2021-1765 CVE-2021-1789 CVE-2021-1799 CVE-2021-1801 CVE-2021-1870 CVE-2021-21806}
 	[buster] - webkit2gtk 2.30.6-1~deb10u1
 [25 Mar 2021] DSA-4876-1 thunderbird - security update
-	{CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-29950}
+	{CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-29950 CVE-2021-4127}
 	[buster] - thunderbird 1:78.9.0-1~deb10u1
 [25 Mar 2021] DSA-4875-1 openssl - security update
 	{CVE-2021-3449}
 	[buster] - openssl 1.1.1d-0+deb10u6
 [24 Mar 2021] DSA-4874-1 firefox-esr - security update
-	{CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-29955}
+	{CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 CVE-2021-29955 CVE-2021-4127}
 	[buster] - firefox-esr 78.9.0esr-1~deb10u1
 [23 Mar 2021] DSA-4873-1 squid - security update
 	{CVE-2020-25097}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/279749333c1703545618403b166b88c175ac2c70

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/279749333c1703545618403b166b88c175ac2c70
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230103/99fdd08c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list