[Git][security-tracker-team/security-tracker][master] Add new firefox-esr issues from mfsa2023-02
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 18 06:07:50 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
879c8365 by Salvatore Bonaccorso at 2023-01-18T07:07:14+01:00
Add new firefox-esr issues from mfsa2023-02
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -372,20 +372,32 @@ CVE-2023-23606
RESERVED
CVE-2023-23605
RESERVED
+ - firefox-esr <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2023-23605
CVE-2023-23604
RESERVED
CVE-2023-23603
RESERVED
+ - firefox-esr <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2023-23603
CVE-2023-23602
RESERVED
+ - firefox-esr <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2023-23602
CVE-2023-23601
RESERVED
+ - firefox-esr <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2023-23601
CVE-2023-23600
RESERVED
CVE-2023-23599
RESERVED
+ - firefox-esr <not-affected> (Only affects Firefox on Windows)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2023-23599
CVE-2023-23598
RESERVED
+ - firefox-esr <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2023-23598
CVE-2023-23597
RESERVED
CVE-2023-0328
@@ -9545,7 +9557,9 @@ CVE-2022-46878 (Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, an
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/#CVE-2022-46878
CVE-2022-46877 (By confusing the browser, the fullscreen notification could have been ...)
- firefox 108.0-1
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/#CVE-2022-46877
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2022-46877
CVE-2022-46876
RESERVED
CVE-2022-46875 (The executable file warning was not presented when downloading .atloc ...)
@@ -9576,7 +9590,9 @@ CVE-2022-46872 (An attacker who compromised a content process could have partial
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/#CVE-2022-46872
CVE-2022-46871 (An out of date library (libusrsctp) contained vulnerabilities that cou ...)
- firefox 108.0-1
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/#CVE-2022-46871
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2022-46871
CVE-2022-46870 (An Improper Neutralization of Input During Web Page Generation ('Cross ...)
NOT-FOR-US: Apache Zeppelin
CVE-2022-46869
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/879c836526876ddf28b30dda7c5b7257ed2240d5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/879c836526876ddf28b30dda7c5b7257ed2240d5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230118/e3aeb777/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list