[Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2024-38

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 7 06:16:57 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
601bb47b by Salvatore Bonaccorso at 2024-08-07T07:16:16+02:00
Add thunderbird issues from mfsa2024-38

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -205,26 +205,34 @@ CVE-2024-7530 (Incorrect garbage collection interaction could have led to a use-
 CVE-2024-7529 (The date picker could partially obscure security prompts. This could b ...)
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7529
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7529
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7529
 CVE-2024-7528 (Incorrect garbage collection interaction in IndexedDB could have led t ...)
 	- firefox 129.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7528
 CVE-2024-7527 (Unexpected marking work at the start of sweeping could have led to a u ...)
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7527
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7527
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7527
 CVE-2024-7526 (ANGLE failed to initialize parameters which lead to reading from unini ...)
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7526
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7526
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7526
 CVE-2024-7525 (It was possible for a web extension with minimal permissions to create ...)
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7525
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7525
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7525
 CVE-2024-7524 (Firefox adds web-compatibility shims in place of some tracking scripts ...)
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
@@ -236,21 +244,27 @@ CVE-2024-7523 (A select option could partially obscure security prompts. This co
 CVE-2024-7522 (Editor code failed to check an attribute value. This could have led to ...)
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7522
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7522
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7522
 CVE-2024-7521 (Incomplete WebAssembly exception handing could have led to a use-after ...)
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7521
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7521
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7521
 CVE-2024-7520 (A type confusion bug in WebAssembly could be leveraged by an attacker  ...)
 	- firefox 129.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7520
 CVE-2024-7519 (Insufficient checks when processing graphics shared memory could have  ...)
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
+	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7519
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7519
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7519
 CVE-2024-7518 (Select options could obscure the fullscreen notification dialog. This  ...)
 	- firefox 129.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7518



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/601bb47b20a8be17db71fe5dd3aa9f623df665d7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/601bb47b20a8be17db71fe5dd3aa9f623df665d7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240807/3c4e128b/attachment.htm>

More information about the debian-security-tracker-commits mailing list