[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 4354-1] firefox-esr security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4354-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 12, 2018                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2018-12405 CVE-2018-17466 CVE-2018-18492
                 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or bypass of the same-origin policy.

For the stable distribution (stretch), these problems have been fixed in
version 60.4.0esr-1~deb9u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwReJMACgkQEMKTtsN8
TjbyQg//SRZSh5Phbk+k8hy6eOLAaJ6fXP8pddqwu2leOQehmOPMyyXYkTCIFmqV
uGiVonpvBa9tvQPkGP65nmvrsfW+4cqgK9t34H4atPktU9jpnpnkHECL72KRkMiS
iCj7aydK59kT4+gB/ESyPboGz/OGu7cz+7GFp7/2o4kY9rawUwQQAaorLdNI1QOM
SAA3BpK0VFZ0ywg4gwVrHfxyoqTKhjW67ccZgvLmbo8yert6710DOTtw82lt1lbt
qqAzALTfwEn9NLoWSdXKp/0QgHdM0EaeQo8AWeunDQKoInwPwXVtFzor3x69dbf5
VrHGgjf8J+W9gKykwQDgawCVqAw9dqqOK7J39PXPSBWTboEsO2xHq6wkTN8Kcgyl
U7UbPqnjKum/BWS6WbnH50wWRekGygc4E/O9Jc8ZwSSJs9VJzxZr0Fv7Oj/g0RKa
zcdeMqpF5FdJnZDqaztCEAsn/zBANOxJuRx6ei07c2o5Irv4x3x+gLkSSiz+kSCv
HAN2VDaptT6cRw8FsAARSt5Yqn9RD+F36f2OEv/VyHqybrv3QAis9YoXaxoqiheo
RR+ekx180yWrj8LishdTZsKSsZ210Mt98hsaDac2Z018ptoyZ/8gAu+q1xk7M8Sy
60fANkSm6XB+FjIoUquVT6Lxa/+5ofs7dcVU8QfJ0mKFl7WOJHY=
=yUHi
-----END PGP SIGNATURE-----


Reply to: