[Git][security-tracker-team/security-tracker][master] Add new firefox-esr issues from mfsa2025-29
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 30 05:54:01 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b8603256 by Salvatore Bonaccorso at 2025-04-30T06:53:33+02:00
Add new firefox-esr issues from mfsa2025-29
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,14 @@
+CVE-2025-4093
+ - firefox-esr <unfixed>
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4093
CVE-2025-4092
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4092
CVE-2025-4091
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4091
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4091
CVE-2025-4090
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4090
@@ -15,22 +20,33 @@ CVE-2025-4088
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4088
CVE-2025-4087
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4087
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4087
CVE-2025-4086
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4086
CVE-2025-4085
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4085
+CVE-2025-4084
+ - firefox-esr <not-affected> (Only affects Firefox on Windows)
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4084
CVE-2025-4083
- firefox <unfixed>
+ - firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4083
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4083
CVE-2025-4082
- firefox <not-affected> (Only affects Firefox on MacOS)
+ - firefox-esr <not-affected> (Only affects Firefox on MacOS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4082
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4082
CVE-2025-2817
- firefox <not-affected> (Only affects firefox Updater on Windows)
+ - firefox-esr <not-affected> (Only affects firefox Updater on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-2817
+ NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-2817
CVE-2025-30087 [Cross Site Scripting via injection of malicious parameters in a search URL]
- request-tracker5 <unfixed> (bug #1104422)
- request-tracker4 <unfixed> (bug #1104424)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b86032563a1e02392b889609776212519d8f2f63
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b86032563a1e02392b889609776212519d8f2f63
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250430/38f4f82c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list