Bug#1067523: marked as done (firefox: CVE-2024-29943 / CVE-2024-29944 critical bugs, fixed in FF 124.0.1)

Debian Bug Tracking System Fri, 22 Mar 2024 18:30:48 -0700

Your message dated Sat, 23 Mar 2024 09:56:22 +0900
with message-id <20240323005622.czg7gbbv2rtep...@glandium.org>
and subject line Re: Bug#1067523: firefox: CVE-2024-29943 / CVE-2024-29944 
critical bugs, fixed in FF 124.0.1
has caused the Debian Bug report #1067523,
regarding firefox: CVE-2024-29943 / CVE-2024-29944 critical bugs, fixed in FF 
124.0.1
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1067523: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067523
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: firefox
Version: 124.0-1
Severity: grave
Tags: security upstream fixed-upstream
Justification: user security hole
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>

Firefox 124.0.1 is available upstream, which fixes 2 critical bugs:
  https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/

-- Package-specific info:


-- Addons package information

-- System Information:
Debian Release: trixie/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), 
(500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.6.15-amd64 (SMP w/12 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages firefox depends on:
ii  debianutils          5.17
ii  fontconfig           2.15.0-1.1
ii  libasound2t64        1.2.11-1+b1
ii  libatk1.0-0t64       2.51.90-4
ii  libc6                2.37-15.1
ii  libcairo-gobject2    1.18.0-1+local1
ii  libcairo2            1.18.0-1+local1
ii  libdbus-1-3          1.14.10-4+b1
ii  libevent-2.1-7t64    2.1.12-stable-8.1+b1
ii  libffi8              3.4.6-1
ii  libfontconfig1       2.15.0-1.1
ii  libfreetype6         2.13.2+dfsg-1+b2
ii  libgcc-s1            14-20240315-1
ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-3+b2
ii  libglib2.0-0t64      2.78.4-5
ii  libgtk-3-0t64        3.24.41-3
ii  libnspr4             2:4.35-1.1+b1
ii  libnss3              2:3.99-1
ii  libpango-1.0-0       1.51.0+ds-4
ii  libstdc++6           14-20240315-1
ii  libvpx8              1.13.1-2
ii  libx11-6             2:1.8.7-1
ii  libx11-xcb1          2:1.8.7-1
ii  libxcb-shm0          1.15-1
ii  libxcb1              1.15-1
ii  libxcomposite1       1:0.4.5-1
ii  libxdamage1          1:1.1.6-1
ii  libxext6             2:1.3.4-1+b1
ii  libxfixes3           1:6.0.0-2
ii  libxrandr2           2:1.5.4-1
ii  procps               2:4.0.4-4
ii  zlib1g               1:1.3.dfsg-3.1

Versions of packages firefox recommends:
ii  libavcodec60  7:6.1.1-3

Versions of packages firefox suggests:
ii  fonts-lmodern                   2.005-1
ii  fonts-stix [otf-stix]           1.1.1-5
ii  libcanberra0t64 [libcanberra0]  0.30-12.2
ii  libgssapi-krb5-2                1.20.1-6
ii  pulseaudio                      16.1+dfsg1-3+b1

-- no debconf information

-- 
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

--- End Message ---

--- Begin Message ---

Version: 124.0.1-1

$ grep firefox_124.0.1-1 /srv/ftp-master.debian.org/log/2024-03
20240322231510|process-upload|dak|Processing changes 
file|firefox_124.0.1-1_source.changes

On Fri, Mar 22, 2024 at 11:53:06PM +0100, Vincent Lefevre wrote:
> Package: firefox
> Version: 124.0-1
> Severity: grave
> Tags: security upstream fixed-upstream
> Justification: user security hole
> X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
> 
> Firefox 124.0.1 is available upstream, which fixes 2 critical bugs:
>   https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/
> 
> -- Package-specific info:
> 
> 
> -- Addons package information
> 
> -- System Information:
> Debian Release: trixie/sid
>   APT prefers unstable-debug
>   APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 
> 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), 
> (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
> 
> Kernel: Linux 6.6.15-amd64 (SMP w/12 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
> TAINT_UNSIGNED_MODULE
> Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
> 
> Versions of packages firefox depends on:
> ii  debianutils          5.17
> ii  fontconfig           2.15.0-1.1
> ii  libasound2t64        1.2.11-1+b1
> ii  libatk1.0-0t64       2.51.90-4
> ii  libc6                2.37-15.1
> ii  libcairo-gobject2    1.18.0-1+local1
> ii  libcairo2            1.18.0-1+local1
> ii  libdbus-1-3          1.14.10-4+b1
> ii  libevent-2.1-7t64    2.1.12-stable-8.1+b1
> ii  libffi8              3.4.6-1
> ii  libfontconfig1       2.15.0-1.1
> ii  libfreetype6         2.13.2+dfsg-1+b2
> ii  libgcc-s1            14-20240315-1
> ii  libgdk-pixbuf-2.0-0  2.42.10+dfsg-3+b2
> ii  libglib2.0-0t64      2.78.4-5
> ii  libgtk-3-0t64        3.24.41-3
> ii  libnspr4             2:4.35-1.1+b1
> ii  libnss3              2:3.99-1
> ii  libpango-1.0-0       1.51.0+ds-4
> ii  libstdc++6           14-20240315-1
> ii  libvpx8              1.13.1-2
> ii  libx11-6             2:1.8.7-1
> ii  libx11-xcb1          2:1.8.7-1
> ii  libxcb-shm0          1.15-1
> ii  libxcb1              1.15-1
> ii  libxcomposite1       1:0.4.5-1
> ii  libxdamage1          1:1.1.6-1
> ii  libxext6             2:1.3.4-1+b1
> ii  libxfixes3           1:6.0.0-2
> ii  libxrandr2           2:1.5.4-1
> ii  procps               2:4.0.4-4
> ii  zlib1g               1:1.3.dfsg-3.1
> 
> Versions of packages firefox recommends:
> ii  libavcodec60  7:6.1.1-3
> 
> Versions of packages firefox suggests:
> ii  fonts-lmodern                   2.005-1
> ii  fonts-stix [otf-stix]           1.1.1-5
> ii  libcanberra0t64 [libcanberra0]  0.30-12.2
> ii  libgssapi-krb5-2                1.20.1-6
> ii  pulseaudio                      16.1+dfsg1-3+b1
> 
> -- no debconf information
> 
> -- 
> Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
>

--- End Message ---

Bug#1067523: marked as done (firefox: CVE-2024-29943 / CVE-2024-29944 critical bugs, fixed in FF 124.0.1)

Reply via email to