[Git][security-tracker-team/security-tracker][master] thunderbird DSA

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jan 10 21:51:27 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d3c4147e by Moritz Mühlenhoff at 2025-01-10T22:50:28+01:00
thunderbird DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -16137,7 +16137,6 @@ CVE-2024-50386 (Account users in Apache CloudStack by default are allowed to reg
 CVE-2024-50336 (matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for Jav ...)
 	- node-matrix-js-sdk <removed>
 	- thunderbird 1:128.5.2esr-1
-	[bookworm] - thunderbird <no-dsa> (Minor issue; can be fixed in January thunderbird update)
 	[bullseye] - thunderbird <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-69/#CVE-2024-50336
 CVE-2024-50331 (An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 a ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[10 Jan 2025] DSA-5841-1 thunderbird - security update
+	{CVE-2024-50336 CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243}
+	[bookworm] - thunderbird 1:128.6.0esr-1~deb12u1
 [09 Jan 2025] DSA-5840-1 chromium - security update
 	{CVE-2025-0291}
 	[bookworm] - chromium 131.0.6778.264-1~deb12u1


=====================================
data/dsa-needed.txt
=====================================
@@ -50,8 +50,6 @@ sogo
 --
 tcpdf
 --
-thunderbird (jmm)
---
 trafficserver
 --
 wordpress



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3c4147e44d693a5edb8e3c8cd7701c28b0ccc98

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3c4147e44d693a5edb8e3c8cd7701c28b0ccc98
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250110/0214dfd0/attachment.htm>

More information about the debian-security-tracker-commits mailing list