[SECURITY] [DSA 5193-1] firefox-esr security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5193-1] firefox-esr security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 27 Jul 2022 18:06:44 +0000
Message-id: <[🔎] 20220727180644.GA387@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5193-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 27, 2022                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2022-36318 CVE-2022-36319

Multiple security issues have been found in the Mozilla Firefox web
browser, which could result in spoofing.

For the oldstable distribution (buster), these problems have been fixed
in version 91.12.0esr-1~deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 91.12.0esr-1~deb11u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmLhfjYACgkQEMKTtsN8
TjZanhAAmjL4A6bC/zvm/G1D9sBtCiKTIxB8+Xc3zg7PYYMK1HxHIG5xLVCTMBr3
MHni8mU/uu6lLauG7D+Ed/rJLs9e8uB3awmoQGLDZGsiRQyJifRafriOh/Of/2iq
4HATehgxbPfEjsGdd3pQRXTW9nAUZBuNH7h85Gz2eDzx1MUOdZubm5bBVWNoqT3N
XdVveVivWPzEWf3XPh8Ry1RLkzfIHXeUidmrRoxW4S+YVOqTUyUTnWDMSvj3Q+37
aKOPHrsboKN4qluksbn8Sr2xFw7f7vqAUdoI+P0mRMw0qhGbPMjNEmlo6kvauky2
jm3a5UDHKSXHRYlL3dpwLuADH8vtKv5HJzbRO+Hf/PU0xkk0T7Snr1FNHFp4NR/g
snn7X9e8E63kCl25k3g5aPXywG1ktzFIcel5QGbZ8WkRY5NzWTSK+UpCMLl8P7Vt
ea7Rubi3iZwx28G4E0vF+HrHJ63g5e0au4djW3aQbpGP+S3nJkMzfNH9DuzNIuBG
XlriacLzfRDyOJvqe9mHZHta4KFbOqD2n7U3vSLZbIp/bBOrd6C3N5jXqJrHhQwm
WwX/7OY6+WwSCJUXHouNVNRVtUo7LIRRkF29Qn1sxNzC2jwaB6S9s4ygGNZ6FSu5
j511qDJOlxXa1b2iRCTPxWtOQKl2FWC83wlWW0cnyK40mu6uyVQ=
=J/If
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5192-1] openjdk-17 security update
Next by Date: [SECURITY] [DSA 5194-1] booth security update
Previous by thread: [SECURITY] [DSA 5192-1] openjdk-17 security update
Next by thread: [SECURITY] [DSA 5194-1] booth security update
Index(es):
- Date
- Thread