[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 20 05:11:31 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fb18e418 by Salvatore Bonaccorso at 2026-05-20T06:11:07+02:00
Track fixed version for firefox-esr issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,14 +15,14 @@ CVE-2026-46529
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/papers/-/commit/1b82bf627b4d8b414a57b55a9095e6d361799d6c
CVE-2026-8975
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8975
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8975
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8975
CVE-2026-8974
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8974
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8974
@@ -38,7 +38,7 @@ CVE-2026-8971
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8971
CVE-2026-8970
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8970
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8970
@@ -48,7 +48,7 @@ CVE-2026-8969
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8969
CVE-2026-8968
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8968
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8968
@@ -70,14 +70,14 @@ CVE-2026-8963
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8963
CVE-2026-8962
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8962
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8962
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8962
CVE-2026-8961
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8961
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8961
@@ -94,42 +94,42 @@ CVE-2026-8959
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8959
CVE-2026-8958
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8958
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8958
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8958
CVE-2026-8957
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8957
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8957
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8957
CVE-2026-8956
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8956
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8956
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8956
CVE-2026-8955
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8955
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8955
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8955
CVE-2026-8954
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8954
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8954
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8954
CVE-2026-8953
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8953
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8953
@@ -142,7 +142,7 @@ CVE-2026-8951
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8951
CVE-2026-8950
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8950
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8950
@@ -159,14 +159,14 @@ CVE-2026-8948
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8948
CVE-2026-8947
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8947
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8947
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8947
CVE-2026-8946
- firefox 151.0-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-46/#CVE-2026-8946
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8946
@@ -3399,14 +3399,14 @@ CVE-2026-8407 (Missing authorization in the PAM module in Devolutions Server all
NOT-FOR-US: Devolutions
CVE-2026-8401 (Sandbox escape in the Profile Backup component. This vulnerability was ...)
- firefox 150.0.3-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-45/#CVE-2026-8401
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8401
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-51/#CVE-2026-8401
CVE-2026-8391 (Other issue in the JavaScript Engine component. This vulnerability was ...)
- firefox 150.0.3-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-45/#CVE-2026-8391
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8391
@@ -3419,7 +3419,7 @@ CVE-2026-8389 (JIT miscompilation in the JavaScript Engine: JIT component. This
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-45/#CVE-2026-8389
CVE-2026-8388 (Incorrect boundary conditions in the JavaScript Engine: JIT component. ...)
- firefox 150.0.3-1
- - firefox-esr <unfixed>
+ - firefox-esr 140.11.0esr-1
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-45/#CVE-2026-8388
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2026-48/#CVE-2026-8388
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb18e41865d9c6a95709dc40910ace08daa2d95a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb18e41865d9c6a95709dc40910ace08daa2d95a
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260520/5633a32f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list