[SECURITY] [DLA 3943-1] firefox-esr security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3943-1] firefox-esr security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Thu, 31 Oct 2024 17:55:44 +0100
Message-id: <[🔎] 20241031165544.892EF2A01A5@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3943-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
October 31, 2024                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 128.4.0esr-1~deb11u1
CVE ID         : CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461
                 CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465
                 CVE-2024-10466 CVE-2024-10467

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, cross-site scripting, spoofing or information disclosure.

For Debian 11 bullseye, these problems have been fixed in version
128.4.0esr-1~deb11u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmcjto0ACgkQnUbEiOQ2
gwLT7hAAsGzqmtHOFwK/SmYUFQNkbSFjp+pTIoxU8OJIO24Vl8kUQ3Hj1mnKQLIm
OE09HYm2qIPU8MH9mkB736ph36WCkbWFZ3CdjgXqIIrMkxHK2dvTHIjZx8gTWjHS
FrsmyHwyeqc7a01gh/DDwpbSIo/gSsw1TFq51b0v+wPzs7R7sSay5xvS4Cy+gjrG
25c5Dfq8qFhSFtcGi9IxWIyV9oqubtPHuFD37JdnvDoDAAMprH3q6CLbtwepjCZy
Mn3aXPglB93CNVFbawD+6AY1TAf2K78ick6i+kLxUy9qB8yLVMK9Kituf7MFnBpu
7PQ49eQpKVXnif3ie0hHQSJ1TrF+vKfOuYAPPYW369tCsOmRmOpmhTHrUjYOAhHa
RBW0lu7ODU+9d+i+NZCoALS/GoI7MvNtR/nh8HIX3zXntmiB65tO5epGgGWsMMIx
pLeYy/OYiyZb/57mA23mqSGmTq9JQ93u7JGVEL0qdHHmC8AglaRWjbNz5x70+E10
wfJfyLhsgwi/3lGL+l5pHihBk3ALT2UgTF3Pdm6JXm1kQVbcrW+yTNzPozwf5a8t
VSucFVv/I2EQ9Qyp0t0fVFVeWtpGrEkIqICj+Vlyt8Rgia6nYDAHFi5sJCHu+Gu0
5i4DIShgcADyvbrLXHhJqCf+ekZy4C5XrkllRhwLAs52lNV0Xk4=
=2Sej
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3942-1] openssl security update
Previous by thread: [SECURITY] [DLA 3942-1] openssl security update
Index(es):
- Date
- Thread