[SECURITY] [DLA 3697-1] firefox-esr security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3697-1] firefox-esr security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Fri, 29 Dec 2023 11:08:44 +0100 (CET)
Message-id: <[🔎] 20231229100844.B99042A00FB@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3697-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
December 29, 2023                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 115.6.0esr-1~deb10u1
CVE ID         : CVE-2023-6856 CVE-2023-6857 CVE-2023-6858 CVE-2023-6859
                 CVE-2023-6860 CVE-2023-6861 CVE-2023-6862 CVE-2023-6863
                 CVE-2023-6864 CVE-2023-6865 CVE-2023-6867

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, sandbox escape or clickjacking.

For Debian 10 buster, these problems have been fixed in version
115.6.0esr-1~deb10u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmWOmqoACgkQnUbEiOQ2
gwKefhAAoZQBSJoZAdBQQsntXnHOjR09PpxPBhtc+Rl8OkjDlYrCUXiXBTtdvPit
+q1XLz5W2yxGptoqI8iMzkk4y9MpX6c6ncTSVLkDwBA9t91P+omKnC8IPUwsFRyT
4L7dncZsm0vuiJwHJWCigpSreEt1zlQhSULgj0g4h/bRAwDMz5zQ/qFmPe2ocLfn
0Lx+8xpcd/n+/jTI1lqAy62lAqIhKLzhotWrrmBV8V1jLLscjTAX5uhJc6yaHhfW
01kvZpY4X+YSpqYoCWlZP2LXnG4JGRpQk4kX3Xt8F3wZVqA+t8yquyK/PloEqdVO
emChkZTPzzfOhR1CgdVi3P4VAw8xaq9CiHAr5xhhEyHDtW5AIAxNN9676B9P6cAg
5XVfQ2Yb4tMboG7y4ojxKXSAUEsOT55RVtAHK6iGyjUX0C4qPltJErJrno255ErT
GtleR8pqXWr72lZWioul9BI3EB5EJw8JCw7WL7/ixUBZGwcrJj9hR5G0/dPSUDbe
KajpGYN1LrMf2ZpLE5pF5IDD+63zQBqzk+iQa/ghmrkXCW9B0Q2yYBFpmZc7Wt5W
LCoKQzSME0ft1uRL9ZooWtH19mV+SSmu++nb0lGkdQDdLG1qt/ZPh4Brz+9jXJ6E
f65JpUC3tUopHTNxJAn4R2Adl422xt7rplwOlc/UMM30+rGnkz8=
=1jYk
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3696-1] asterisk security update
Next by Date: [SECURITY] [DLA 3698-1] thunderbird security update
Previous by thread: [SECURITY] [DLA 3696-1] asterisk security update
Next by thread: [SECURITY] [DLA 3698-1] thunderbird security update
Index(es):
- Date
- Thread