[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr via unstable for mfsa2025-02 issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 8 04:49:28 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
87722cdd by Salvatore Bonaccorso at 2025-01-08T05:48:52+01:00
Track fixed version for firefox-esr via unstable for mfsa2025-02 issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -452,37 +452,37 @@ CVE-2025-0247 (Memory safety bugs present in Firefox 133 and Thunderbird 133. So
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0247
CVE-2025-0243 (Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ES ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0243
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0243
CVE-2025-0242 (Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ES ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0242
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0242
CVE-2025-0241 (When segmenting specially crafted text, segmentation would corrupt mem ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0241
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0241
CVE-2025-0240 (Parsing a JavaScript module as JSON could, under some circumstances, c ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0240
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0240
CVE-2025-0239 (When using Alt-Svc, ALPN did not properly validate certificates when t ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0239
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0239
CVE-2025-0238 (Assuming a controlled failed memory allocation, an attacker could have ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0238
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0238
CVE-2025-0237 (The WebChannel API, which is used to transport various information acr ...)
- firefox <unfixed>
- - firefox-esr <unfixed>
+ - firefox-esr 128.6.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0237
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0237
CVE-2025-0246 (When using an invalid protocol scheme, an attacker could spoof the add ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87722cdd0052d8089dce50a0fd166a264c67852e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87722cdd0052d8089dce50a0fd166a264c67852e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250108/6d030639/attachment.htm>
More information about the debian-security-tracker-commits
mailing list