[Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2024-14
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 19 18:19:56 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
405967b7 by Salvatore Bonaccorso at 2024-03-19T19:19:22+01:00
Add thunderbird issues from mfsa2024-14
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,53 +1,69 @@
CVE-2024-2616
- firefox-esr <unfixed>
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-2616
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-2616
CVE-2024-2615
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2615
CVE-2024-2614
- firefox <unfixed>
- firefox-esr <unfixed>
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2614
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-2614
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-2614
CVE-2024-2613
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2613
CVE-2024-2612
- firefox <unfixed>
- firefox-esr <unfixed>
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2612
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-2612
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-2612
CVE-2024-2611
- firefox <unfixed>
- firefox-esr <unfixed>
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2611
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-2611
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-2611
CVE-2024-2610
- firefox <unfixed>
- firefox-esr <unfixed>
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2610
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-2610
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-2610
CVE-2024-2609
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2609
CVE-2024-2608
- firefox <unfixed>
- firefox-esr <unfixed>
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2608
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-2608
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-2608
CVE-2024-2607
- firefox <unfixed>
- firefox-esr <unfixed>
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2607
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-2607
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-2607
CVE-2024-2606
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2606
CVE-2024-2605
- firefox <not-affected> (Only affects Firefox on Windows)
- firefox-esr <not-affected> (Only affects Firefox ESR on Windows)
+ - thunderbird <not-affected> (Only affects Thunderbird on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2605
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-2605
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-2605
CVE-2024-2622 (A vulnerability was found in Fujian Kelixin Communication Command and ...)
NOT-FOR-US: Fujian
CVE-2024-2621 (A vulnerability was found in Fujian Kelixin Communication Command and ...)
@@ -13156,8 +13172,10 @@ CVE-2024-0743 (An unchecked return value in TLS handshake code could have caused
- firefox 122.0-1
- firefox-esr <unfixed>
- nss 2:3.96.1-1
+ - thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-01/#CVE-2024-0743
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2024-0743
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2024-0743
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1867408
NOTE: https://hg.mozilla.org/projects/nss/rev/1bda168c0da97e19e5f14bc4227c15c0a9f493b
CVE-2024-0742 (It was possible for certain browser prompts and dialogs to be activate ...)
@@ -29885,11 +29903,13 @@ CVE-2023-5388
- nss 2:3.98-1 (bug #1056284)
[bookworm] - nss <no-dsa> (Minor issue)
[bullseye] - nss <no-dsa> (Minor issue)
+ - thunderbird <unfixed>
NOTE: https://people.redhat.com/~hkario/marvin/
NOTE: Vendor patch (Rocky Linux, not upstreamed): https://git.rockylinux.org/staging/rpms/nss/-/commit/1f7f7523b61a2ada2f461548c4160fbbf979c5dd
NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/196716d8377ab427e326f20bff2d026e90ac69e2
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2023-5388
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-13/#CVE-2023-5388
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-14/#CVE-2023-5388
CVE-2023-5551 (Separate Groups mode restrictions were not honoured in the forum summa ...)
- moodle <removed>
CVE-2023-5550 (In a shared hosting environment that has been misconfigured to allow a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/405967b7a0e968f74754fd9629fb3d045b735a90
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/405967b7a0e968f74754fd9629fb3d045b735a90
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240319/bff07b42/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list