[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues fixes via unstable

Fri, 16 Jan 2026 00:13:54 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ada8b470 by Salvatore Bonaccorso at 2026-01-16T09:13:33+01:00
Track fixed version for thunderbird issues fixes via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2147,7 +2147,7 @@ CVE-2026-0891 (Memory safety bugs present in Firefox ESR 
140.6, Thunderbird ESR
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0891
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0891
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0891
@@ -2155,7 +2155,7 @@ CVE-2026-0890 (Spoofing issue in the DOM: Copy & Paste 
and Drag & Drop component
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0890
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0890
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0890
@@ -2169,7 +2169,7 @@ CVE-2026-0887 (Clickjacking issue, information disclosure 
in the PDF Viewer comp
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0887
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0887
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0887
@@ -2177,7 +2177,7 @@ CVE-2026-0886 (Incorrect boundary conditions in the 
Graphics component. This vul
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0886
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0886
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0886
@@ -2185,7 +2185,7 @@ CVE-2026-0885 (Use-after-free in the JavaScript: GC 
component. This vulnerabilit
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0885
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0885
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0885
@@ -2193,7 +2193,7 @@ CVE-2026-0884 (Use-after-free in the JavaScript Engine 
component. This vulnerabi
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0884
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0884
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0884
@@ -2201,7 +2201,7 @@ CVE-2026-0883 (Information disclosure in the Networking 
component. This vulnerab
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0883
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0883
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0883
@@ -2209,7 +2209,7 @@ CVE-2026-0882 (Use-after-free in the IPC component. This 
vulnerability affects F
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0882
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0882
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0882
@@ -2220,7 +2220,7 @@ CVE-2026-0880 (Sandbox escape due to integer overflow in 
the Graphics component.
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0880
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0880
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0880
@@ -2228,7 +2228,7 @@ CVE-2026-0879 (Sandbox escape due to incorrect boundary 
conditions in the Graphi
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0879
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0879
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0879
@@ -2236,7 +2236,7 @@ CVE-2026-0878 (Sandbox escape due to incorrect boundary 
conditions in the Graphi
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0878
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0878
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0878
@@ -2244,7 +2244,7 @@ CVE-2026-0877 (Mitigation bypass in the DOM: Security 
component. This vulnerabil
        {DSA-6101-1 DLA-4439-1}
        - firefox 147.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-01/#CVE-2026-0877
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2026-0877
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2026-0877
@@ -17843,7 +17843,7 @@ CVE-2025-14327 (Spoofing issue in the Downloads Panel 
component. This vulnerabil
        {DSA-6101-1 DLA-4439-1}
        - firefox 146.0-1
        - firefox-esr 140.7.0esr-1
-       - thunderbird <unfixed>
+       - thunderbird 1:140.7.0esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2025-92/#CVE-2025-14327
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-03/#CVE-2025-14327
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2026-05/#CVE-2025-14327



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ada8b4707b00c20b2f011da99e5cb92625cce3ce

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ada8b4707b00c20b2f011da99e5cb92625cce3ce
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to