[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2016-2839 / Firefox-ESR

Hi Brian,

> 45.3.0esr-1~deb7u1 in wheezy is vulnerable.
> 45.3.0esr-1~deb8u1 in jessie is vulnerable.
> 45.3.0esr-1 in sid and stretch is not vulnerable.
> Which makes me wonder if Wheezy and Jessie versions have been fixed, but
> not marked as such

Good spot.

CVE-2016-2839 is marked as fixed in the changelog of 45.3.0esr-1~deb7u1.
Mike, as author of that changelog entry, can you comment here?


Chris Lamb
chris-lamb.co.uk / @lolamby

Reply to: