The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 999 | all | firefox | < 59.0.1-1 | firefox_59.0.1-1_all.deb |
Debian | 12 | all | firefox-esr | < 52.7.2esr-1 | firefox-esr_52.7.2esr-1_all.deb |
Debian | 11 | all | firefox-esr | < 52.7.2esr-1 | firefox-esr_52.7.2esr-1_all.deb |
Debian | 10 | all | firefox-esr | < 52.7.2esr-1 | firefox-esr_52.7.2esr-1_all.deb |
Debian | 999 | all | firefox-esr | < 52.7.2esr-1 | firefox-esr_52.7.2esr-1_all.deb |
Debian | 13 | all | firefox-esr | < 52.7.2esr-1 | firefox-esr_52.7.2esr-1_all.deb |
Debian | 12 | all | libvorbisidec | < 1.2.1+git20180316-1 | libvorbisidec_1.2.1+git20180316-1_all.deb |
Debian | 11 | all | libvorbisidec | < 1.2.1+git20180316-1 | libvorbisidec_1.2.1+git20180316-1_all.deb |
Debian | 10 | all | libvorbisidec | < 1.2.1+git20180316-1 | libvorbisidec_1.2.1+git20180316-1_all.deb |
Debian | 999 | all | libvorbisidec | < 1.2.1+git20180316-1 | libvorbisidec_1.2.1+git20180316-1_all.deb |