[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr via unstable for mfsa2025-02 issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jan 8 04:49:28 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
87722cdd by Salvatore Bonaccorso at 2025-01-08T05:48:52+01:00
Track fixed version for firefox-esr via unstable for mfsa2025-02 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -452,37 +452,37 @@ CVE-2025-0247 (Memory safety bugs present in Firefox 133 and Thunderbird 133. So
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0247
 CVE-2025-0243 (Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ES ...)
 	- firefox <unfixed>
-	- firefox-esr <unfixed>
+	- firefox-esr 128.6.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0243
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0243
 CVE-2025-0242 (Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ES ...)
 	- firefox <unfixed>
-	- firefox-esr <unfixed>
+	- firefox-esr 128.6.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0242
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0242
 CVE-2025-0241 (When segmenting specially crafted text, segmentation would corrupt mem ...)
 	- firefox <unfixed>
-	- firefox-esr <unfixed>
+	- firefox-esr 128.6.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0241
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0241
 CVE-2025-0240 (Parsing a JavaScript module as JSON could, under some circumstances, c ...)
 	- firefox <unfixed>
-	- firefox-esr <unfixed>
+	- firefox-esr 128.6.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0240
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0240
 CVE-2025-0239 (When using Alt-Svc, ALPN did not properly validate certificates when t ...)
 	- firefox <unfixed>
-	- firefox-esr <unfixed>
+	- firefox-esr 128.6.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0239
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0239
 CVE-2025-0238 (Assuming a controlled failed memory allocation, an attacker could have ...)
 	- firefox <unfixed>
-	- firefox-esr <unfixed>
+	- firefox-esr 128.6.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0238
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0238
 CVE-2025-0237 (The WebChannel API, which is used to transport various information acr ...)
 	- firefox <unfixed>
-	- firefox-esr <unfixed>
+	- firefox-esr 128.6.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-01/#CVE-2025-0237
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-02/#CVE-2025-0237
 CVE-2025-0246 (When using an invalid protocol scheme, an attacker could spoof the add ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87722cdd0052d8089dce50a0fd166a264c67852e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87722cdd0052d8089dce50a0fd166a264c67852e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250108/6d030639/attachment.htm>


More information about the debian-security-tracker-commits mailing list