[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues fixed via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 25 06:57:20 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
132c3b38 by Salvatore Bonaccorso at 2025-07-25T07:56:45+02:00
Track fixed version for thunderbird issues fixed via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -385,7 +385,7 @@ CVE-2025-8035 (Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8035
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8035
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8035
@@ -396,7 +396,7 @@ CVE-2025-8034 (Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8034
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8034
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8034
@@ -407,7 +407,7 @@ CVE-2025-8033 (The JavaScript engine did not handle closed generators correctly
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8033
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8033
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8033
@@ -421,7 +421,7 @@ CVE-2025-8032 (XSLT document loading did not correctly propagate the source docu
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8032
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8032
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8032
@@ -429,7 +429,7 @@ CVE-2025-8031 (The `username:password` part was not correctly stripped from URLs
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8031
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8031
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8031
@@ -440,7 +440,7 @@ CVE-2025-8030 (Insufficient escaping in the \u201cCopy as cURL\u201d feature cou
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8030
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8030
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8030
@@ -454,7 +454,7 @@ CVE-2025-8029 (Thunderbird executed `javascript:` URLs when used in `object` and
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8029
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8029
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8029
@@ -468,7 +468,7 @@ CVE-2025-8028 (On arm64, a WASM `br_table` instruction with a lot of entries cou
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8028
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8028
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8028
@@ -476,7 +476,7 @@ CVE-2025-8027 (On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bi
{DSA-5964-1 DLA-4250-1}
- firefox 141.0-1
- firefox-esr 128.13.0esr-1
- - thunderbird <unfixed>
+ - thunderbird 1:128.13.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/#CVE-2025-8027
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-58/#CVE-2025-8027
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-62/#CVE-2025-8027
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/132c3b38f70cde0050bcafde1f61b37ce834545c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/132c3b38f70cde0050bcafde1f61b37ce834545c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250725/3ee8dced/attachment.htm>
More information about the debian-security-tracker-commits
mailing list