[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox for mfsa2024-21 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 15 05:20:40 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7c4ef70b by Salvatore Bonaccorso at 2024-05-15T06:17:37+02:00
Track fixed version for firefox for mfsa2024-21 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -404,56 +404,56 @@ CVE-2023-36640 (A use of externally-controlled format string in Fortinet FortiPr
 CVE-2023-35841 (Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Dri ...)
 	TODO: check
 CVE-2024-4778 (Memory safety bugs present in Firefox 125. Some of these bugs showed e ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4778
 CVE-2024-4777 (Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thu ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	- firefox-esr <unfixed>
 	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4777
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4777
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4777
 CVE-2024-4776 (A file dialog shown while in full-screen mode could have resulted in t ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4776
 CVE-2024-4775 (An iterator stop condition was missing when handling WASM code in the  ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4775
 CVE-2024-4774 (The `ShmemCharMapHashEntry()` code was susceptible to potentially unde ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4774
 CVE-2024-4773 (When a network error occurred during page load, the prior content coul ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4773
 CVE-2024-4772 (An HTTP digest authentication nonce value was generated using `rand()` ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4772
 CVE-2024-4771 (A memory allocation check was missing which would lead to a use-after- ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4771
 CVE-2024-4770 (When saving a page to PDF, certain font styles could have led to a pot ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	- firefox-esr <unfixed>
 	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4770
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4770
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4769
 CVE-2024-4769 (When importing resources using Web Workers, error messages would disti ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	- firefox-esr <unfixed>
 	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4769
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4769
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4769
 CVE-2024-4768 (A bug in popup notifications' interaction with WebAuthn made it easier ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	- firefox-esr <unfixed>
 	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4768
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4768
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4768
 CVE-2024-4767 (If the `browser.privatebrowsing.autostart` preference is enabled, Inde ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	- firefox-esr <unfixed>
 	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4767
@@ -466,14 +466,14 @@ CVE-2024-4765 (Web application manifests were stored by using an insecure MD5 ha
 	- firefox <not-affected> (Android-specific)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4765
 CVE-2024-4367 (A type check was missing when handling fonts in PDF.js, which would al ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	- firefox-esr <unfixed>
 	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4367
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/#CVE-2024-4367
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-23/#CVE-2024-4367
 CVE-2024-4764 (Multiple WebRTC threads could have claimed a newly connected audio inp ...)
-	- firefox <unfixed>
+	- firefox 126.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4764
 CVE-2024-4855 (Use after free issue in editcap could cause denial of service via craf ...)
 	- wireshark <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c4ef70b2b6020808c8f8b91a6202ac0cc42590d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c4ef70b2b6020808c8f8b91a6202ac0cc42590d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240515/fe1e4165/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list