[Git][security-tracker-team/security-tracker][master] Track fixed for firefox-esr fixes for mfsa2025-53

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 25 08:18:48 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e419dd2 by Salvatore Bonaccorso at 2025-06-25T09:18:21+02:00
Track fixed for firefox-esr fixes for mfsa2025-53

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -219,12 +219,12 @@ CVE-2025-6431 (When a link can be opened in an external application, Firefox for
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/#CVE-2025-6431
 CVE-2025-6430 (When a file download is specified via the `Content-Disposition` header ...)
 	- firefox 140.0-1
-	- firefox-esr <unfixed>
+	- firefox-esr 128.12.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/#CVE-2025-6430
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6430
 CVE-2025-6429 (Firefox could have incorrectly parsed a URL and rewritten it to the yo ...)
 	- firefox 140.0-1
-	- firefox-esr <unfixed>
+	- firefox-esr 128.12.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/#CVE-2025-6429
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6429
 CVE-2025-6428 (When a URL was provided in a link querystring parameter, Firefox for A ...)
@@ -240,12 +240,12 @@ CVE-2025-6426 (The executable file warning did not warn users before opening fil
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6426
 CVE-2025-6425 (An attacker who enumerated resources from the WebCompat extension coul ...)
 	- firefox 140.0-1
-	- firefox-esr <unfixed>
+	- firefox-esr 128.12.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/#CVE-2025-6425
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6425
 CVE-2025-6424 (A use-after-free in FontFaceSet resulted in a potentially exploitable  ...)
 	- firefox 140.0-1
-	- firefox-esr <unfixed>
+	- firefox-esr 128.12.0esr-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-51/#CVE-2025-6424
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-53/#CVE-2025-6424
 CVE-2025-6560 (Multiple wireless router models from Sapido have an Exposure of Sensit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e419dd24e9589b7f50c5b7c10029403992d325c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e419dd24e9589b7f50c5b7c10029403992d325c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250625/32e93833/attachment.htm>

More information about the debian-security-tracker-commits mailing list