[Git][security-tracker-team/security-tracker][master] add thunderbird for recent Mozilla advisories
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Apr 23 16:40:02 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4bc838be by Moritz Muehlenhoff at 2026-04-23T17:39:27+02:00
add thunderbird for recent Mozilla advisories
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2217,12 +2217,14 @@ CVE-2026-6786 (Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6786
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6786
CVE-2026-6785 (Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, T ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6785
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6785
CVE-2026-6784 (Memory safety bugs present in Firefox 149 and Thunderbird 149. Some of ...)
@@ -2253,6 +2255,7 @@ CVE-2026-6776 (Incorrect boundary conditions in the WebRTC: Networking component
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6776
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6776
CVE-2026-6775 (Incorrect boundary conditions in the WebRTC component. This vulnerabil ...)
@@ -2268,6 +2271,7 @@ CVE-2026-6772 (Incorrect boundary conditions in the Libraries component in NSS.
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
- nss 2:3.123-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6772
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6772
@@ -2276,18 +2280,21 @@ CVE-2026-6771 (Mitigation bypass in the DOM: Security component. This vulnerabil
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6771
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6771
CVE-2026-6770 (Other issue in the Storage: IndexedDB component. This vulnerability wa ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6770
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6770
CVE-2026-6769 (Privilege escalation in the Debugger component. This vulnerability was ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6769
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6769
CVE-2026-6768 (Mitigation bypass in the Networking: Cookies component. This vulnerabi ...)
@@ -2297,6 +2304,7 @@ CVE-2026-6767 (Other issue in the Libraries component in NSS. This vulnerability
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
- nss 2:3.123-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6767
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6767
@@ -2305,6 +2313,7 @@ CVE-2026-6766 (Incorrect boundary conditions in the Libraries component in NSS.
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
- nss 2:3.123-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6766
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6766
@@ -2313,30 +2322,35 @@ CVE-2026-6765 (Information disclosure in the Form Autofill component. This vulne
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6765
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6765
CVE-2026-6764 (Incorrect boundary conditions in the DOM: Device Interfaces component. ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6764
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6764
CVE-2026-6763 (Mitigation bypass in the File Handling component. This vulnerability w ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6763
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6763
CVE-2026-6762 (Spoofing issue in the DOM: Core & HTML component. This vulnerability w ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6762
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6762
CVE-2026-6761 (Privilege escalation in the Networking component. This vulnerability w ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6761
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6761
CVE-2026-6760 (Mitigation bypass in the Networking: Cookies component. This vulnerabi ...)
@@ -2345,6 +2359,7 @@ CVE-2026-6760 (Mitigation bypass in the Networking: Cookies component. This vuln
CVE-2026-6759 (Use-after-free in the Widget: Cocoa component. This vulnerability was ...)
- firefox <not-affected> (Only affects Firefox on MacOS)
- firefox-esr <not-affected> (Only affects Firefox on MacOS)
+ - thunderbird <not-affected> (Only affects Thunderbird on MacOS)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6759
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6759
CVE-2026-6758 (Use-after-free in the JavaScript: WebAssembly component. This vulnerab ...)
@@ -2354,6 +2369,7 @@ CVE-2026-6757 (Invalid pointer in the JavaScript: WebAssembly component. This vu
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6757
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6757
CVE-2026-6756 (Mitigation bypass in Firefox for Android. This vulnerability was fixed ...)
@@ -2366,54 +2382,63 @@ CVE-2026-6754 (Use-after-free in the JavaScript Engine component. This vulnerabi
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6754
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6754
CVE-2026-6753 (Incorrect boundary conditions in the WebRTC component. This vulnerabil ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6753
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6753
CVE-2026-6752 (Incorrect boundary conditions in the WebRTC component. This vulnerabil ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6752
CVE-2026-6751 (Uninitialized memory in the Audio/Video: Web Codecs component. This vu ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6751
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6751
CVE-2026-6750 (Privilege escalation in the Graphics: WebRender component. This vulner ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6750
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6750
CVE-2026-6749 (Information disclosure due to uninitialized memory in the Graphics: Ca ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6749
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6749
CVE-2026-6748 (Uninitialized memory in the Audio/Video: Web Codecs component. This vu ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6748
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6748
CVE-2026-6747 (Use-after-free in the WebRTC component. This vulnerability was fixed i ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6747
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6747
CVE-2026-6746 (Use-after-free in the DOM: Core & HTML component. This vulnerability w ...)
{DSA-6225-1}
- firefox 150.0-1
- firefox-esr 140.10.0esr-1
+ - thunderbird 1:140.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-30/#CVE-2026-6746
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-32/#CVE-2026-6746
CVE-2026-40706 (In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists i ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bc838be32a6544d6d084fb5e8a36da9becde695
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bc838be32a6544d6d084fb5e8a36da9becde695
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260423/3860cce9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list