[Git][security-tracker-team/security-tracker][master] new firefox-esr issues

Tue, 03 Sep 2019 12:10:43 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
70ab059a by Moritz Muehlenhoff at 2019-09-03T19:09:38Z
new firefox-esr issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -12365,49 +12365,85 @@ CVE-2019-11754
 CVE-2019-11753
        RESERVED
        - firefox <not-affected> (Windows-specific)
+       - firefox-esr <not-affected> (Windows-specific)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11753
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11753
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11753
 CVE-2019-11752
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11752
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11752
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11752
 CVE-2019-11751
        RESERVED
        - firefox <not-affected> (Windows-specific)
+       - firefox-esr <not-affected> (Windows-specific)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11751
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11751
 CVE-2019-11750
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
+       [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+       [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11750
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11750
 CVE-2019-11749
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
+       [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+       [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11749
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11749
 CVE-2019-11748
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
+       [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+       [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11748
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11748
 CVE-2019-11747
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
+       [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+       [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11747
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11747
 CVE-2019-11746
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11746
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11746
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11746
 CVE-2019-11745
        RESERVED
 CVE-2019-11744
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11744
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11744
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11744
 CVE-2019-11743
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11743
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11743
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11743
 CVE-2019-11742
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11742
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11742
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11742
 CVE-2019-11741
        RESERVED
        - firefox <unfixed>
@@ -12415,13 +12451,20 @@ CVE-2019-11741
 CVE-2019-11740
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11740
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11740
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11740
 CVE-2019-11739
        RESERVED
 CVE-2019-11738
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
+       [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+       [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11738
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11738
 CVE-2019-11737
        RESERVED
        - firefox <unfixed>
@@ -12429,11 +12472,17 @@ CVE-2019-11737
 CVE-2019-11736
        RESERVED
        - firefox <not-affected> (Windows-specific)
+       - firefox-esr <not-affected> (Windows-specific)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11736
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11736
 CVE-2019-11735
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
+       [buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
+       [stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11735
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11735
 CVE-2019-11734
        RESERVED
        - firefox <unfixed>
@@ -18580,7 +18629,10 @@ CVE-2019-9813 (Incorrect handling of __proto__ 
mutations may lead to type confus
 CVE-2019-9812
        RESERVED
        - firefox <unfixed>
+       - firefox-esr <unfixed>
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-9812
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-9812
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-9812
 CVE-2019-9811 (As part of a winning Pwn2Own entry, a researcher demonstrated a 
sandbo ...)
        {DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
        - firefox 68.0-1


=====================================
data/dsa-needed.txt
=====================================
@@ -23,6 +23,8 @@ evince/oldstable
 faad2
   not yet fixed upstream
 --
+firefox-esr (jmm)
+--
 freeimage
 --
 ghostscript (carnil)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/70ab059a87a651b6ed52fcfcf4456fbd52368f6b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/70ab059a87a651b6ed52fcfcf4456fbd52368f6b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to