[Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2024-31
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 16 20:47:21 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
66a5956a by Salvatore Bonaccorso at 2024-07-16T21:46:42+02:00
Add thunderbird issues from mfsa2024-31
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2664,32 +2664,42 @@ CVE-2024-6604 (Memory safety bugs present in Firefox 127, Firefox ESR 115.12, an
{DSA-5727-1}
- firefox 128.0-1
- firefox-esr 115.13.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6604
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6604
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6604
CVE-2024-6603 (In an out-of-memory scenario an allocation could fail but free would h ...)
{DSA-5727-1}
- firefox 128.0-1
- firefox-esr 115.13.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6603
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6603
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6603
CVE-2024-6602 (A mismatch between allocator and deallocator could have lead to memory ...)
{DSA-5727-1}
- firefox 128.0-1
- firefox-esr 115.13.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6602
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6602
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6602
TODO: check how its related to src:nss and if src:nss tracking is necessary
CVE-2024-6601 (A race condition could lead to a cross-origin container obtaining perm ...)
{DSA-5727-1}
- firefox 128.0-1
- firefox-esr 115.13.0esr-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6601
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6601
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6601
CVE-2024-6600 (Due to large allocation checks in Angle for GLSL shaders being too len ...)
- firefox <not-affected> (Only affects Firefox on MacOS)
- firefox-esr <not-affected> (Only affects Firefox on MacOS)
+ - thunderbird <not-affected> (Only affects Firefox on MacOS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-6600
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-6600
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-6600
CVE-2024-39487 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.9.9-1
NOTE: https://git.kernel.org/linus/e271ff53807e8f2c628758290f0e499dbe51cb3d (6.10-rc7)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a5956ac4ccc70fa316f518fe017100feb69023
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a5956ac4ccc70fa316f518fe017100feb69023
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240716/cd5fc2c2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list