[Git][security-tracker-team/security-tracker][master] Track firefox fixes via unstable for mfsa2026-01
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 14 05:54:21 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e1eac9b8 by Salvatore Bonaccorso at 2026-01-14T06:53:56+01:00
Track firefox fixes via unstable for mfsa2026-01
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -780,74 +780,74 @@ CVE-2025-68767 (In the Linux kernel, the following vulnerability has been resolv
- linux 6.18.3-1
NOTE: https://git.kernel.org/linus/005d4b0d33f6b4a23d382b7930f7a96b95b01f39 (6.19-rc1)
CVE-2026-0892 (Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of ...)
- - firefox <unfixed>
+ - firefox 147.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0892
CVE-2026-0891 (Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6 ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0891
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0891
CVE-2026-0890 (Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. Thi ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0890
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0890
CVE-2026-0889 (Denial-of-service in the DOM: Service Workers component. This vulnerab ...)
- - firefox <unfixed>
+ - firefox 147.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0889
CVE-2026-0888 (Information disclosure in the XML component. This vulnerability affect ...)
- - firefox <unfixed>
+ - firefox 147.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0888
CVE-2026-0887 (Clickjacking issue, information disclosure in the PDF Viewer component ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0887
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0887
CVE-2026-0886 (Incorrect boundary conditions in the Graphics component. This vulnerab ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0886
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0886
CVE-2026-0885 (Use-after-free in the JavaScript: GC component. This vulnerability aff ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0885
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0885
CVE-2026-0884 (Use-after-free in the JavaScript Engine component. This vulnerability ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0884
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0884
CVE-2026-0883 (Information disclosure in the Networking component. This vulnerability ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0883
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0883
CVE-2026-0882 (Use-after-free in the IPC component. This vulnerability affects Firefo ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0882
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0882
CVE-2026-0881 (Sandbox escape in the Messaging System component. This vulnerability a ...)
- - firefox <unfixed>
+ - firefox 147.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0881
CVE-2026-0880 (Sandbox escape due to integer overflow in the Graphics component. This ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0880
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0880
CVE-2026-0879 (Sandbox escape due to incorrect boundary conditions in the Graphics co ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0879
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0879
CVE-2026-0878 (Sandbox escape due to incorrect boundary conditions in the Graphics: C ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0878
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0878
CVE-2026-0877 (Mitigation bypass in the DOM: Security component. This vulnerability a ...)
- - firefox <unfixed>
+ - firefox 147.0-1
- firefox-esr <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0877
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0877
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1eac9b86e42e096e49c1ddc191e03921459afa3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1eac9b86e42e096e49c1ddc191e03921459afa3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260114/aee2f2fc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list