[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird for CVEs from mfsa2024-37 overlapping with mfsa2024-38

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 7 18:33:51 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7d8dd91d by Salvatore Bonaccorso at 2024-08-07T19:32:21+02:00
Track fixed version for thunderbird for CVEs from mfsa2024-37 overlapping with mfsa2024-38

Technically we might need to add thunderbird <not-affected> (...)
entries for those only from mfsa2024-37.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -376,7 +376,7 @@ CVE-2024-7529 (The date picker could partially obscure security prompts. This co
 	{DSA-5740-1}
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:128.1.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7529
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7529
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7529
@@ -387,7 +387,7 @@ CVE-2024-7527 (Unexpected marking work at the start of sweeping could have led t
 	{DSA-5740-1}
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:128.1.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7527
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7527
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7527
@@ -395,7 +395,7 @@ CVE-2024-7526 (ANGLE failed to initialize parameters which led to reading from u
 	{DSA-5740-1}
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:128.1.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7526
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7526
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7526
@@ -403,7 +403,7 @@ CVE-2024-7525 (It was possible for a web extension with minimal permissions to c
 	{DSA-5740-1}
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:128.1.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7525
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7525
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7525
@@ -420,7 +420,7 @@ CVE-2024-7522 (Editor code failed to check an attribute value. This could have l
 	{DSA-5740-1}
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:128.1.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7522
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7522
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7522
@@ -428,7 +428,7 @@ CVE-2024-7521 (Incomplete WebAssembly exception handing could have led to a use-
 	{DSA-5740-1}
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:128.1.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7521
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7521
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7521
@@ -439,7 +439,7 @@ CVE-2024-7519 (Insufficient checks when processing graphics shared memory could
 	{DSA-5740-1}
 	- firefox 129.0-1
 	- firefox-esr 115.14.0esr-1
-	- thunderbird <unfixed>
+	- thunderbird 1:128.1.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7519
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7519
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7519



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d8dd91db941e2a5e47dbbcf8d89232eb3040d67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d8dd91db941e2a5e47dbbcf8d89232eb3040d67
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240807/5f9ab65c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list