[SECURITY] [DLA 3815-1] firefox-esr security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3815-1] firefox-esr security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Thu, 16 May 2024 09:16:17 +0200
Message-id: <[🔎] 20240516071617.BBD6C2AC952@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3815-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
May 16, 2024                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 115.11.0esr-1~deb10u1
CVE ID         : CVE-2024-4367 CVE-2024-4767 CVE-2024-4768 CVE-2024-4769
                 CVE-2024-4770 CVE-2024-4777

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or clickjacking.

For Debian 10 buster, these problems have been fixed in version
115.11.0esr-1~deb10u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmZFsrkACgkQnUbEiOQ2
gwIwtQ/+LedFNznXvmGjWnQH6pXvjPj9xB2jrnfTM/B0E+7Wz0ZqkB71nWMIKTCP
oQaNBvug0IjSJ4/Qs5ekgu70h1UJpP7lpAIQwuzu2if+t1Az5mJXZU7zxqL8CGN9
dFwJd5J0nsZEfxkR4G2Q20QlUMOLtvbWvlEw0VQll59XZDMv+Y+2Ej55bz67rqn+
3FqGsYQakWLl1lxMH1LuHdjg2WyAb4zwMPhE0ILVD6yBridjo1ulPL0BF9MDnTtQ
U5T8Vr2X/RReiLlQHcJSWxl+jWfLiLEj20mQ2fANQBEEGt5eU5kjJjYA9X+WTq85
J9SR05StfAT5GpbzaV0AR5yV7d6dlPIg6WS6J/356MWpEhtR2xwcrzyGX6r6n4dP
6MEAlxeOi2vhdRZ+xqftMoIPS1UinHCewUtXmoUgH9SaisZGajtdR2aoGBuN90Tm
mctfKOdc+5siriOKD5+8oVk0pq1O4+IK5IZ3bKAhc3BkNmkJnGcb8z4LJfSGGxI3
RFPfsQqDpK7irie7teSXfNOyUDDgNV72ZrinMRP0tzoDZOuuy1VsnEXhIi8tW7n5
bIAHrz1/0W7/08R3OZ2yO7Ki1FR7lU4fdbiGZTGfnxfzYz4EPuu8Hd8C3QlxsDsF
VSBkXY642X0NV/ivgKmgUlmOyPqTRDLZptF2Ee15EgobZV2nQH4=
=RES1
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3813-1] shim security update
Next by Date: [SECURITY] [DLA 3816-1] bind9 security update
Previous by thread: [SECURITY] [DLA 3813-1] shim security update
Next by thread: [SECURITY] [DLA 3816-1] bind9 security update
Index(es):
- Date
- Thread