[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 17 05:14:18 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a94967cd by Salvatore Bonaccorso at 2026-06-17T06:13:53+02:00
Track fixed version for firefox issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -155,50 +155,50 @@ CVE-2026-12329 (Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerab
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12329
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12329
CVE-2026-12328 (Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12328
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12328
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12328
CVE-2026-12327 (Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140. ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12327
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12327
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12327
CVE-2026-12326 (Memory safety bugs present in Firefox 151 and Thunderbird 151. Some of ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12326
CVE-2026-12325 (Denial-of-service in the Graphics: ImageLib component. This vulnerabil ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12325
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12325
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12325
CVE-2026-12324 (Incorrect boundary conditions in the Graphics: CanvasWebGL component. ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12324
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12324
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12324
CVE-2026-12323 (Spoofing issue in the DOM: Core & HTML component. This vulnerability w ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12323
CVE-2026-12322 (Clickjacking issue in the Widget: Gtk component. This vulnerability wa ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12322
CVE-2026-12321 (JIT miscompilation in the JavaScript: WebAssembly component. This vuln ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12321
CVE-2026-12320 (Information disclosure in the Password Manager component. This vulnera ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12320
CVE-2026-12319 (Denial-of-service in the Audio/Video: Playback component. This vulnera ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12319
CVE-2026-12318 (Incorrect boundary conditions in the Libraries component in NSS. This ...)
- firefox <unfixed>
@@ -206,179 +206,179 @@ CVE-2026-12318 (Incorrect boundary conditions in the Libraries component in NSS.
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12318
TODO: check/clarify for src:nss
CVE-2026-12317 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12317
CVE-2026-12316 (Mitigation bypass in the DOM: Security component. This vulnerability w ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12316
CVE-2026-12315 (Mitigation bypass in the DOM: Security component. This vulnerability w ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12315
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12315
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12315
CVE-2026-12314 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12314
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12314
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12314
CVE-2026-12313 (Information disclosure, sandbox escape in the Security: Process Sandbo ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12313
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12313
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12313
CVE-2026-12312 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12312
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12312
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12312
CVE-2026-12311 (Information disclosure, sandbox escape in the Security: Process Sandbo ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12311
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12311
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12311
CVE-2026-12310 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12310
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12310
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12310
CVE-2026-12309 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12309
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12309
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12309
CVE-2026-12308 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12308
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12308
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12308
CVE-2026-12307 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12307
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12307
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12307
CVE-2026-12306 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12306
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12306
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12306
CVE-2026-12305 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12305
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12305
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12305
CVE-2026-12304 (Same-origin policy bypass in the Networking: Cookies component. This v ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12304
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12304
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12304
CVE-2026-12303 (Information disclosure due to incorrect boundary conditions in the Gra ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12303
CVE-2026-12302 (Mitigation bypass in the DOM: Security component. This vulnerability w ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12302
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12302
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12302
CVE-2026-12301 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12301
CVE-2026-12300 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12300
CVE-2026-12299 (JIT miscompilation in the DOM: Core & HTML component. This vulnerabili ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12299
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12299
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12299
CVE-2026-12298 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12298
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12298
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12298
CVE-2026-12297 (Sandbox escape due to incorrect boundary conditions in the Networking ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12297
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12297
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12297
CVE-2026-12296 (Sandbox escape in the Security: Process Sandboxing component. This vul ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12296
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12296
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12296
CVE-2026-12295 (Sandbox escape in the DOM: Navigation component. This vulnerability wa ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12295
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12295
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12295
CVE-2026-12294 (Sandbox escape in the DOM: Workers component. This vulnerability was f ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12294
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12294
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12294
CVE-2026-12293 (Use-after-free in the Graphics: WebGPU component. This vulnerability w ...)
- - firefox <unfixed>
+ - firefox 152.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12293
CVE-2026-12292 (Incorrect boundary conditions in the Web Audio component. This vulnera ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12292
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12292
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12292
CVE-2026-12291 (Use-after-free in the Networking: HTTP component. This vulnerability w ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12291
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12291
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12291
CVE-2026-12290 (Memory safety bug fixed in Thunderbird 152. This vulnerability was fix ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12290
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-58/#CVE-2026-12290
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/#CVE-2026-12290
CVE-2026-12289 (Privilege escalation in the Graphics: WebRender component. This vulner ...)
- - firefox <unfixed>
+ - firefox 152.0-1
- firefox-esr 140.12.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-57/#CVE-2026-12289
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a94967cdf626bc84d78f5f72625ba245495f3af0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a94967cdf626bc84d78f5f72625ba245495f3af0
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260617/6c817efb/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list