1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5606-1] firefox-esr security update

    From Moritz Muehlenhoff@21:1/5 to All on Wed Jan 24 20:20:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5606-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff January 24, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : firefox-esr
    CVE ID : CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747
    CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753
    CVE-2024-0755

    Multiple security issues have been found in the Mozilla Firefox web
    browser, which could potentially result in the execution of arbitrary
    code, phishing, clickjacking, privilege escalation, HSTS bypass or
    bypass of content security policies.

    For the oldstable distribution (bullseye), these problems have been fixed
    in version 115.7.0esr-1~deb11u1.

    For the stable distribution (bookworm), these problems have been fixed in version 115.7.0esr-1~deb12u1.

    We recommend that you upgrade your firefox-esr packages.

    For the detailed security status of firefox-esr please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/firefox-esr

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmWxXEUACgkQEMKTtsN8 TjZPIQ/+PSv6op0tJDa5J/C5jJo3w7dic4eb29gwL0NawP7UCWyi5gV5T0auzFDG hWkdc11XhCOFmVdObwcwLMnlx+VYQV4262ZwO1bUDjFa959Cw9i4uVlacqzOIUbx dfFUyIIH92LZd7P0ln5OCmyKrw0CR/cgKacTYen3U6VGyOB1V7ux7IudUh2v19V+ VH5pUhLxWPi8ff9PMkC10j0GUwKZI2QncJo5990yg8tKgXrhVC7DXU/R97WQ9+Fw qBb6RBezjIGK+rgfPrXSIX7rMVvjNTd0r22bqCr3jk/gJEt/u/oWbPETNUOTXlhO e7R4SIobP9GIhiSlHmY8ZHovbvvy5xfayW4GmlFj6JKZ3hxLdJ3PDwwTulH52v+w PuTo6yWeSE8TJFFps0jxN5gKwp6G0dpdixLYrG1ntLqUeDwDlcvp6b+KuzTB+Iyf kVrGIXX/8mPJIHXGU2bFFHJL0i/JX34aKno1G9O8TWHGg5K3KHXhkKmoWklaiwt5 Fe71c215JuPVY2dDetCyrM+MubDRX9NxpW41K2fonou37xVquIqpj5WKjw9HacIl pIpBCNzs2vbOI0uTV2cUEJnsv1TPvaDa4VnKm9tF6IfGpyFoW5muAichyBJTieN5 ramWR2qDHSdqOMAUSADO5aoGUv8Mn8L5+k2BJHsCLfHU4Xe1MwM=
    =0gOJ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)