[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable (for mfsa2024-20)

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Apr 21 20:25:11 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
127a4bc4 by Salvatore Bonaccorso at 2024-04-21T21:24:28+02:00
Track fixed version for thunderbird issues via unstable (for mfsa2024-20)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1881,7 +1881,7 @@ CVE-2024-3302 (There was no limit to the number of HTTP/2 CONTINUATION frames th
 	{DSA-5663-1 DLA-3790-1}
 	- firefox 125.0.1-1
 	- firefox-esr 115.10.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:115.10.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3302
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3302
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3302
@@ -1892,7 +1892,7 @@ CVE-2024-3864 (Memory safety bug present in Firefox 124, Firefox ESR 115.9, and
 	{DSA-5663-1 DLA-3790-1}
 	- firefox 125.0.1-1
 	- firefox-esr 115.10.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:115.10.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3864
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3864
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3864
@@ -1910,7 +1910,7 @@ CVE-2024-3861 (If an AlignedBuffer were assigned to itself, the subsequent self-
 	{DSA-5663-1 DLA-3790-1}
 	- firefox 125.0.1-1
 	- firefox-esr 115.10.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:115.10.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3861
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3861
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3861
@@ -1921,7 +1921,7 @@ CVE-2024-3859 (On 32-bit versions there were integer-overflows that led to an ou
 	{DSA-5663-1 DLA-3790-1}
 	- firefox 125.0.1-1
 	- firefox-esr 115.10.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:115.10.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3859
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3859
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3859
@@ -1932,7 +1932,7 @@ CVE-2024-3857 (The JIT created incorrect code for arguments in certain cases. Th
 	{DSA-5663-1 DLA-3790-1}
 	- firefox 125.0.1-1
 	- firefox-esr 115.10.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:115.10.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3857
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3857
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3857
@@ -1946,7 +1946,7 @@ CVE-2024-3854 (In some code patterns the JIT incorrectly optimized switch statem
 	{DSA-5663-1 DLA-3790-1}
 	- firefox 125.0.1-1
 	- firefox-esr 115.10.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:115.10.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3854
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3854
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3854
@@ -1957,7 +1957,7 @@ CVE-2024-3852 (GetBoundName could return the wrong version of an object when JIT
 	{DSA-5663-1 DLA-3790-1}
 	- firefox 125.0.1-1
 	- firefox-esr 115.10.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:115.10.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-18/#CVE-2024-3852
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3852
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-3852
@@ -10683,7 +10683,7 @@ CVE-2024-2609 (The permission prompt input delay could expire while the window i
 	{DSA-5663-1 DLA-3790-1}
 	- firefox 124.0-1
 	- firefox-esr 115.10.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:115.10.1-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2609
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-2609
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-20/#CVE-2024-2609



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/127a4bc4c433183d0fb25a4248dc89aac7379f53

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/127a4bc4c433183d0fb25a4248dc89aac7379f53
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240421/2c9d5745/attachment.htm>

More information about the debian-security-tracker-commits mailing list