[SECURITY] [DLA 4078-1] firefox-esr security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 4078-1] firefox-esr security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Thu, 6 Mar 2025 12:39:00 +0100
Message-id: <[🔎] 20250306113900.980932A9502@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4078-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
March 06, 2025                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 128.8.0esr-1~deb11u1
CVE ID         : CVE-2024-43097 CVE-2025-1931 CVE-2025-1932 CVE-2025-1933
                 CVE-2025-1934 CVE-2025-1935 CVE-2025-1936 CVE-2025-1937
                 CVE-2025-1938

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code.

For Debian 11 bullseye, these problems have been fixed in version
128.8.0esr-1~deb11u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmfJiVIACgkQnUbEiOQ2
gwKaWg/8CI8yGh5nfb4lmqAC2zwDZogG1wVD63O/kUo+csk43IlgHo7Hoyyghvli
r2WURdLLeOlAQhyMAX/2t0/f9BbBKyJRKqvrJntmuc2ci/tde2nRVOUMJEjyOFlz
BI1jAG4Le8sl0AGy2ZmO/n20eCrT9pxCY5kqXOLiRRgJgw5WHmN/oe+njXd2wXJx
MLRbcwWWntWmYoE4h18G+dCtlj/g4xZ3jLW8clQkyS//pCa5SnDuR3DFKzbR0PMH
Q8mJdcljoHCQTY3THXzEY26k/HidAGTnUF89GUBBDM7aif/QHWWscKRYAjtTcIA4
2TWCz/IIkeBG5HT2ouklBdtsTD9bSKwwLa/KZcSwsVQ174o3LDn4PpXQp8p+Kj+6
Zk+l17TyTKDIGAJEq+6iC+xOPnPhJlK4KY8hv4qDAh2X8UaXmPk1wVLehOpLPNA/
oN97VleOoVDK5UVSviEKZWGcN4QzKNy4qCKlZjyO9UhED1l4WnMN2WyJfPFH8nh5
CT0BmbqlUIG78PmyShTqL4dzMncGG5YP6H7q+ODJ2VBOU2FPVUwrTuCKEOspi3Cb
U5QMhNVABlX7KOTRANF+GDWitRH8M4kkbzdtOTp1NfiPZKvKaQOR471RyVIx9S/+
OFL1ljfOnWwmzvURGkK5Z0J+5UXHKDZ+ruW82KxtLDD6R1zqtp0=
=AT/B
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4077-1] proftpd-dfsg security update
Next by Date: [SECURITY] [DLA 4079-1] openvpn security update
Previous by thread: [SECURITY] [DLA 4077-1] proftpd-dfsg security update
Next by thread: [SECURITY] [DLA 4079-1] openvpn security update
Index(es):
- Date
- Thread