[Git][security-tracker-team/security-tracker][master] new thunderbird issues

Moritz Muehlenhoff Mon, 08 Oct 2018 14:32:00 -0700

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
406bf910 by Moritz Muehlenhoff at 2018-10-08T21:30:17Z
new thunderbird issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -13918,8 +13918,10 @@ CVE-2018-12385
        {DSA-4304-1}
        - firefox 62.0.2-1
        - firefox-esr 60.2.1esr-1
+       - thunderbird 1:60.2.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-22/#CVE-2018-12385
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/#CVE-2018-12385
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12385
 CVE-2018-12384 [ServerHello.random is all zero when handling a v2-compatible 
ClientHello]
        RESERVED
        - nss 2:3.39-1 (low; bug #908332)
@@ -13934,8 +13936,10 @@ CVE-2018-12383
        {DSA-4304-1}
        - firefox 62.0-1
        - firefox-esr 60.2.1esr-1
+       - thunderbird 1:60.2.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12383
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/#CVE-2018-12383
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12383
 CVE-2018-12382
        RESERVED
        - firefox <not-affected> (Android-specific)
@@ -13953,29 +13957,37 @@ CVE-2018-12379
        - firefox 62.0-1 (unimportant)
        - firefox-esr 60.2.0esr-1 (unimportant)
        [stretch] - firefox-esr 60.2.0esr-1~deb9u2
+       - thunderbird 1:60.2.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12379
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12379
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12379
 CVE-2018-12378
        RESERVED
        {DSA-4287-1}
        - firefox 62.0-1
        - firefox-esr 60.2.0esr-1
+       - thunderbird 1:60.2.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12378
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12378
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12378
 CVE-2018-12377
        RESERVED
        {DSA-4287-1}
        - firefox 62.0-1
        - firefox-esr 60.2.0esr-1
+       - thunderbird 1:60.2.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12377
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12377
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12377
 CVE-2018-12376
        RESERVED
        {DSA-4287-1}
        - firefox 62.0-1
        - firefox-esr 60.2.0esr-1
+       - thunderbird 1:60.2.1-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2018-12376
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2018-12376
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2018-12376
 CVE-2018-12375
        RESERVED
        - firefox 62.0-1
@@ -51035,10 +51047,12 @@ CVE-2017-16541 (Tor Browser before 7.0.9 on macOS and 
Linux allows remote attack
        - firefox 62.0-1 (unimportant)
        - firefox-esr 60.2.0esr-1 (unimportant)
        [stretch] - firefox-esr 60.2.0esr-1~deb9u2
+       - thunderbird 1:60.2.1-1
        NOTE: https://trac.torproject.org/projects/tor/ticket/24052
        NOTE: https://blog.torproject.org/tor-browser-709-released
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-20/#CVE-2017-16541
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/#CVE-2017-16541
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/#CVE-2017-16541
 CVE-2017-16540 (OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote 
database ...)
        NOT-FOR-US: OpenEMR
 CVE-2017-16539 (The DefaultLinuxSpec function in oci/defaults.go in Docker 
Moby through ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -75,6 +75,8 @@ sssd
 --
 symfony
 --
+thunderbird (jmm)
+--
 wesnoth-1.12
 --
 wireshark (jmm)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/406bf91042e71710a2257dbc95e915d5949d610e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/406bf91042e71710a2257dbc95e915d5949d610e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new thunderbird issues

Reply via email to