Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits: 23d5928c by Emilio Pozuelo Monfort at 2019-01-30T09:06:50Z Mark CVE-2016-5824 as affecting thunderbird - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -135199,6 +135199,7 @@ CVE-2016-5824 (libical 1.0 allows remote attackers to cause a denial of service - libical <unfixed> (bug #860451) [stretch] - libical <no-dsa> (Minor issue) [jessie] - libical <no-dsa> (Minor issue) + - thunderbird 1:60.5.0-1 NOTE: Original report: https://github.com/libical/libical/issues/235 NOTE: Reopened at: https://bugzilla.mozilla.org/show_bug.cgi?id=1275400 NOTE: Reproducer: https://bugzilla.mozilla.org/attachment.cgi?id=8757553 @@ -135207,6 +135208,8 @@ CVE-2016-5824 (libical 1.0 allows remote attackers to cause a denial of service NOTE: Whilst the upstream commits in issues/251 fix the issue of #251 itself NOTE: they do not fix the bugzilla.mozilla.org case 1275400 which was assigned NOTE: in http://www.openwall.com/lists/oss-security/2016/06/25/4 + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-03/#CVE-2016-5824 + NOTE: thunderbird uses embedded libical copy CVE-2016-5823 (The icalproperty_new_clone function in libical 0.47 and 1.0 allows ...) - libical 1.0-1 [wheezy] - libical <no-dsa> (Only possible denial of service, not severe enough to solve) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/23d5928c487f3c7dba551a964e1d78528502d854 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/23d5928c487f3c7dba551a964e1d78528502d854 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits