[Git][security-tracker-team/security-tracker][master] Reserve DLA-4012-1 for thunderbird

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Sat Jan 11 09:49:48 GMT 2025 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
586e07c4 by Emilio Pozuelo Monfort at 2025-01-11T10:49:30+01:00
Reserve DLA-4012-1 for thunderbird

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -16350,7 +16350,6 @@ CVE-2024-50336 (matrix-js-sdk is a Matrix messaging protocol Client-Server SDK f
 	{DSA-5841-1}
 	- node-matrix-js-sdk <removed>
 	- thunderbird 1:128.5.2esr-1
-	[bullseye] - thunderbird <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-69/#CVE-2024-50336
 CVE-2024-50331 (An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 a ...)
 	NOT-FOR-US: Ivanti


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[11 Jan 2025] DLA-4012-1 thunderbird - security update
+	{CVE-2024-50336 CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243}
+	[bullseye] - thunderbird 1:128.6.0esr-1~deb11u1
 [11 Jan 2025] DLA-4011-1 firefox-esr - security update
 	{CVE-2025-0237 CVE-2025-0238 CVE-2025-0239 CVE-2025-0240 CVE-2025-0241 CVE-2025-0242 CVE-2025-0243}
 	[bullseye] - firefox-esr 128.6.0esr-1~deb11u3


=====================================
data/dla-needed.txt
=====================================
@@ -232,9 +232,6 @@ tcpdf (Adrian Bunk)
   NOTE: 20241205: Added by Front-Desk (santiago)
   NOTE: 20241230: https://lists.debian.org/debian-lts/2024/12/msg00057.html (bunk)
 --
-thunderbird (Emilio)
-  NOTE: 20250109: Added by pochu
---
 tomcat9
   NOTE: 20240908: Added by (apo)
   NOTE: 20240923: Still working on patch backport. (apo)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/586e07c40896df8406c6610efafe78ad5ffebec3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/586e07c40896df8406c6610efafe78ad5ffebec3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250111/1d59fb5b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list