9c5a4194ec
minor fixes
2024-01-22 16:06:55 -05:00
0c1288d2e2
Assign CVEs
2024-01-22 16:06:42 -05:00
95ed83d597
Advisories for 122
2024-01-22 16:06:33 -05:00
60f7e6752b
Focus 122 security advisories
2024-01-22 13:22:25 -05:00
0cd98175ec
Fix a bug and print the exception issue
2024-01-19 13:38:21 -05:00
862275f1e4
Add a way to assign the bugzilla alias even when you've already assigned the CVEs
2024-01-19 13:38:21 -05:00
e1ebf58024
+x
2024-01-19 13:38:21 -05:00
f5e630ecbe
Set Bugzilla aliases while assigning CVE-IDs
2024-01-19 13:38:21 -05:00
ace30f8de5
Do not update CVEs from before 2023 through GitHub Actions
2024-01-19 12:56:40 -05:00
923d75ec0e
Correct problems detected by stricter formatting checks
2024-01-19 12:56:40 -05:00
37d13dff8f
Improve formatting checks arround advisory titles and descriptions
...
- Check that the title doesn't contain <code> tags or backticks
- Check that titles which contain a colon are surrounded by quotes
- Check that the description only contains basic html tags that should be used for formatting the description
Closes https://github.com/mozilla/foundation-security-advisories/issues/136
2024-01-19 12:56:40 -05:00
72837ee131
Remove disclaimer for tbird, remove <code> from titles, escape <dialog>
2023-12-19 11:41:20 -05:00
ee0b5f0f93
Advisories for Firefox 121, ESR 115.6, and Thunderbird 115.6
...
* Advisories for Firefox 121, ESR 115.6, and Thunderbird 115.6
* Assign CVE ids
---------
Co-authored-by: pyoor <pyoor@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-12-19 08:35:39 -05:00
e17796af66
Update the MFSA-RESERVE regex to allow for the MFSA-RESERVE-2023-2 style used now for rollup advisories
2023-12-15 12:38:34 -05:00
e42c4bd05b
Add an advisory for an issue fixed in NSS 3.61
2023-12-12 12:01:03 -05:00
08adf01e73
Fix attribution in CVE-2023-6210
2023-11-23 14:33:10 +01:00
9bd5833d71
If we want to be pedantic about version numbers, make them match all the others...
2023-11-22 11:45:26 -05:00
01a2379fb7
expand version number to two dots. add forgotten ESR label
2023-11-22 06:54:46 +01:00
62744a18e6
Thunderbird 115.5.0 advisories ( #67 )
...
* Advisories for iOS Release 115
* Thunderbird 115.0.1 advisories
* Thunderbird 115.5.0 advisories
---------
Co-authored-by: Laurie Marceau <lmarceau@mozilla.com>
Co-authored-by: Daniel Veditz <dveditz@gmail.com>
Co-authored-by: Frederik Braun <fb@frederik-braun.com>
2023-11-21 09:26:37 -05:00
21a871ddb1
Advisories for Firefox iOS Release 120 ( #66 )
...
* Advisories for iOS Release 115
* Thunderbird 115.0.1 advisories
* Advisories for iOS Release 120
* Improve advisories description per comment
---------
Co-authored-by: Daniel Veditz <dveditz@gmail.com>
2023-11-21 09:26:04 -05:00
eea98a8cd6
Advisories for 120/115.5 ( #65 )
...
* Advisories for iOS Release 115
* Thunderbird 115.0.1 advisories
* Advisories for 120/115.5
* indentation fix
* mfsa-id needs to be 4 or more digits at the end for check_advisories
* assign CVE IDs
* fix attribution
* Fix attribution on CVE-2023-6207
---------
Co-authored-by: Laurie Marceau <lmarceau@mozilla.com>
Co-authored-by: Daniel Veditz <dveditz@gmail.com>
Co-authored-by: Frederik Braun <fb@frederik-braun.com>
2023-11-21 09:25:29 -05:00
21b762c1e2
Add "Assignment and Release Process" section in readme
2023-11-13 22:01:35 +00:00
990292ecf8
Thunderbird is doing a .1 instead of a .0
2023-10-24 17:05:44 -04:00
705b900e7f
Advisories for iOS Release 119
2023-10-24 15:56:40 -04:00
39eccba921
Update 117 Advisory and add a bug reference to the more recent ones
2023-10-24 15:29:03 -04:00
667e7ec643
Add Thunderbird Advisory
2023-10-24 14:23:46 -04:00
698d079300
Assign CVE ids
2023-10-23 17:22:07 +00:00
419ae3cecc
Add the Advisories for Firefox 119
2023-10-23 13:20:23 -04:00
8b681ca024
Enable CVE Publishing Script
2023-10-23 09:46:51 +02:00
f54704e6b0
Separate Push and Pull Request Workflows
2023-10-06 12:54:27 -04:00
b4c8aceca9
Update the note for the chemspill
2023-10-04 13:31:49 -04:00
857b53b9b0
Update the CVE number for the webp bug
2023-09-29 13:31:28 -04:00
5a158abe01
Add Tbird to the chemspill
2023-09-29 10:20:26 -04:00
e3004da380
adjust affected products numbers to include android
2023-09-28 10:22:28 +02:00
d9b866cf26
Advisory for Firefox 118.0.1, ESR 115.3.1
2023-09-28 10:15:57 +02:00
7f6dab6334
Update a CVE to indicate that it is Windows-only
2023-09-27 14:54:21 -04:00
043ecca1da
update cve id of libwebp advisory
2023-09-27 20:18:02 +02:00
fd5576e02e
Add thunderbird advisories
2023-09-26 12:04:06 -04:00
9a0a27ebcc
Assign CVE ids
2023-09-25 15:03:44 +00:00
c8b285d3e3
Assign temporary ids for 118 and 115.3 advisories
2023-09-25 16:58:40 +02:00
632c6696bb
Add advisories for 118 and 115.3
2023-09-22 12:06:54 -04:00
a166eec158
fix HoF entry ( #128 )
2023-09-20 12:18:48 -07:00
5ec4ea756a
Fix bad formatting of "Products" and "Fixed In" sections for latest advisory ( #127 )
...
* Fix `fixed_in` section in MFSA-2023-40
* Ensure that there are no commas in `fixed_in` when running check_advisories
2023-09-13 15:23:16 +02:00
2a6bbaa8cc
Add back accidentally-deleted MFSA 2023-37 advisory
2023-09-12 16:21:40 -04:00
ba05c4c414
Add advisories for Firefox Release 117.0.1, Firefox ESR 115.2.1, Firefox ESR 102.15.1, Thunderbird 102.15.1, and Thunderbird 115.2.2 ( #62 )
...
* Initial advisory for 117.0.1
* remaining products
* using google's CVE
* Lump it all together
* exclude from cve feed
---------
Co-authored-by: Frederik Braun <fb@frederik-braun.com>
2023-09-12 13:46:36 -04:00
b6057f4cfa
Add scripts and workflow for publishing to CVE Services ( #122 )
2023-09-11 13:39:21 +02:00
63d0f74ad2
Rename Mozilla VPN advisory
2023-09-11 09:57:21 +02:00
0530615222
add hall of fame mentions for Q2 2023
2023-09-07 08:07:46 -04:00
b6762426b8
Fix typo in mfsa2023-39.yml
2023-09-04 11:54:46 -04:00
76e22fdf02
Add advisory for mozilla vpn (linux) bug
2023-09-04 15:02:13 +02:00
Tom Ritter
Laurie Marceau
Malte Juergens
Ryan VanderMeulen
Frederik Braun
Frederik Braun
github-actions[bot]
Malte Jürgens
Frida Kiriakos
Frida Kiriakos