Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c00749f2 by Salvatore Bonaccorso at 2024-02-20T23:13:36+01:00 Add new thunderbird issues from mfsa2024-07 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -141,43 +141,59 @@ CVE-2024-1554 (The `fetch()` API and navigation incorrectly shared the same cach CVE-2024-1553 (Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thun ...) - firefox <unfixed> - firefox-esr <unfixed> + - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1553 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1553 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1553 CVE-2024-1552 (Incorrect code generation could have led to unexpected numeric convers ...) - firefox <unfixed> - firefox-esr <unfixed> + - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1552 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1552 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1552 CVE-2024-1551 (Set-Cookie response headers were being incorrectly honored in multipar ...) - firefox <unfixed> - firefox-esr <unfixed> + - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1551 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1551 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1551 CVE-2024-1550 (A malicious website could have used a combination of exiting fullscree ...) - firefox <unfixed> - firefox-esr <unfixed> + - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1550 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1550 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1550 CVE-2024-1549 (If a website set a large custom cursor, portions of the cursor could h ...) - firefox <unfixed> - firefox-esr <unfixed> + - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1549 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1549 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1549 CVE-2024-1548 (A website could have obscured the fullscreen notification by using a d ...) - firefox <unfixed> - firefox-esr <unfixed> + - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1548 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1548 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1548 CVE-2024-1547 (Through a series of API calls and redirects, an attacker-controlled al ...) - firefox <unfixed> - firefox-esr <unfixed> + - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1547 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1547 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1547 CVE-2024-1546 (When storing and re-accessing data on a networking channel, the length ...) - firefox <unfixed> - firefox-esr <unfixed> + - thunderbird <unfixed> NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-05/#CVE-2024-1546 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-06/#CVE-2024-1546 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/#CVE-2024-1546 CVE-2024-1519 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...) TODO: check CVE-2024-1496 (The Featured Image from URL (FIFU) plugin for WordPress is vulnerable ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c00749f255f6fc57102d7d434591c90b8fb82ddf -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c00749f255f6fc57102d7d434591c90b8fb82ddf You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits