[SECURITY] [DLA 3591-1] firefox-esr security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3591-1] firefox-esr security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Sat, 30 Sep 2023 12:16:57 +0200 (CEST)
Message-id: <[🔎] 20230930101657.DCB0F2AB119@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3591-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
September 30, 2023                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 115.3.1esr-1~deb10u1
CVE ID         : CVE-2023-5217

A buffer overflow in VP8 media stream processing has been found in the
Mozilla Firefox web browser, which could potentially result in the
execution of arbitrary code.

For Debian 10 buster, this problem has been fixed in version
115.3.1esr-1~deb10u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmUX9ZcACgkQnUbEiOQ2
gwIP6xAAtuc6GGskmK8cBvYeZhSjJIJqemaf+BuELWk82Qn7+979Czjs2DutG8tf
oO7PwEIk99NjJ/zMuQ1FGCXlH6K4JSC9YXf6a6/Ih01aMXgjoeGBVEQJyifsXEgy
cPemi2GDxcur14RLbPEvs6dhtuHlwDInWR26yiq1R3xnsmZKMD8B7vORSkx70+i1
ssjt155KhTkKLbq2qklLR9Fp05KluA76krlalb9jEtLjrrMtuQnzIOEq3WuC4i1T
Ph+4J/eB/slx3JpgS7dvYMntjKYNiw85+TsxNoFudzKspFyN+eGpQER+L+dWHTQ6
Yr4iC1o1yrHHjZNZdPvJN393WN+3Jwhysxu5cgnbvZt07FmmP0bqTmBBE55uNjkY
bnYrcNkUabBIXRRtLf9gSCYBb8StvbOSCQheIXC5J6lMK/41/2oNZvPYfZU3Yq5/
3SQPKJC+5zJfc+dORGseAxPqIgGfqkYa0h/KWYpQ14sRTCDLkUKM/H4ffMSWas2X
jJWDw8dxPQ3a3q3/KJSW/BHAXUdWzxBDBESm8Ye/75BDz2W7uERO51V2KrOG6G87
jnSD577vIDVzsQhjj7iSNhaKW7hUSAGorFsGlH5/a+4k+aEx4JvmE+0Mubhi9fxS
OGQZmKDS70BbiC/lRhbJdzfv8k52CNtNhtsO7v0hP6bQd1l/Sf4=
=PS4w
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3590-1] python-reportlab security update
Next by Date: [SECURITY] [DLA 3592-1] jetty9 security update
Previous by thread: [SECURITY] [DLA 3590-1] python-reportlab security update
Next by thread: [SECURITY] [DLA 3592-1] jetty9 security update
Index(es):
- Date
- Thread