CVE-2016-2839 / Firefox-ESR

To: debian-lts@lists.debian.org, team@security.debian.org
Subject: CVE-2016-2839 / Firefox-ESR
From: Brian May <brian@linuxpenguins.xyz>
Date: Wed, 17 Aug 2016 17:14:55 +1000
Message-id: <[🔎] 87fuq36f4g.fsf@prune.linuxpenguins.xyz>

Hello,

I noticed from https://security-tracker.debian.org/tracker/CVE-2016-2839
for Firefox-ESR that:

45.3.0esr-1~deb7u1 in wheezy is vulnerable.
45.3.0esr-1~deb8u1 in jessie is vulnerable.
45.3.0esr-1 in sid and stretch is not vulnerable.

Which makes me wonder if Wheezy and Jessie versions have been fixed, but
not marked as such because they have earlier Debian versions then the
unstable version.

Regards
-- 
Brian May <brian@linuxpenguins.xyz>
https://linuxpenguins.xyz/brian/

Reply to:

Follow-Ups:
- Re: CVE-2016-2839 / Firefox-ESR
  - From: Chris Lamb <chris@chris-lamb.co.uk>

Prev by Date: Wheezy update of cracklib2?
Next by Date: Re: matrixssl
Previous by thread: Wheezy update of cracklib2?
Next by thread: Re: CVE-2016-2839 / Firefox-ESR
Index(es):
- Date
- Thread