[Git][security-tracker-team/security-tracker][master] Add CVE-2024-7652

Sat Sep 7 13:33:52 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6f89764 by Salvatore Bonaccorso at 2024-09-07T14:33:44+02:00
Add CVE-2024-7652

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30,7 +30,14 @@ CVE-2024-8394 (When aborting the verification of an OTR chat session, an attacke
 	[bullseye] - thunderbird <not-affected> (Vulnerable code not present)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-43/#CVE-2024-8394
 CVE-2024-7652 (An error in the ECMA-262 specification relating to Async Generators co ...)
-	TODO: check
+	- firefox 128.0-1
+	- firefox-esr 115.13.0esr-1
+	- thunderbird 1:115.13.0-1
+	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1901411
+	NOTE: https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-29/#CVE-2024-7652
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/#CVE-2024-7652
+	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/#CVE-2024-7652
 CVE-2024-7622 (The Revision Manager TMC plugin for WordPress is vulnerable to unautho ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-7611 (The Enter Addons \u2013 Ultimate Template Builder for Elementor plugin ...)


=====================================
data/DSA/list
=====================================
@@ -109,7 +109,7 @@
 	[bullseye] - bind9 1:9.16.50-1~deb11u1
 	[bookworm] - bind9 1:9.18.28-1~deb12u1
 [18 Jul 2024] DSA-5733-1 thunderbird - security update
-	{CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604}
+	{CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604 CVE-2024-7652}
 	[bullseye] - thunderbird 1:115.13.0-1~deb11u1
 	[bookworm] - thunderbird 1:115.13.0-1~deb12u1
 [18 Jul 2024] DSA-5732-1 chromium - security update
@@ -130,7 +130,7 @@
 	[bullseye] - exim4 4.94.2-7+deb11u3
 	[bookworm] - exim4 4.96-15+deb12u5
 [10 Jul 2024] DSA-5727-1 firefox-esr - security update
-	{CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604}
+	{CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6604 CVE-2024-7652}
 	[bullseye] - firefox-esr 115.13.0esr-1~deb11u1
 	[bookworm] - firefox-esr 115.13.0esr-1~deb12u1
 [05 Jul 2024] DSA-5726-1 krb5 - security update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6f89764af7f96b5d77f7809a613aa04ee558fa6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6f89764af7f96b5d77f7809a613aa04ee558fa6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240907/bc7f43c6/attachment-0001.htm>
