[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DLA 2880-1] firefox-esr security update

On 1/16/22 11:55 AM, Emilio Pozuelo Monfort wrote:

Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2880-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
January 16, 2022                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 91.5.0esr-1~deb9u1
CVE ID         : CVE-2021-4140 CVE-2022-22737 CVE-2022-22738 CVE-2022-22739
                  CVE-2022-22740 CVE-2022-22741 CVE-2022-22742 CVE-2022-22743
                  CVE-2022-22745 CVE-2022-22747 CVE-2022-22748 CVE-2022-22751

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary code,
information disclosure, denial of service or spoofing.

For Debian 9 stretch, these problems have been fixed in version

We recommend that you upgrade your firefox-esr packages.

Hi all,

After a recent upgrade of Firefox and Thunderbird (before this one 91.5) in oldoldstable (running Mate desktop), Firefox keeps asking me to be default browser, even though I have set it as default in Mate's default applications, and respond to that asking by click on 'don't ask me again'.

Furthermore, Thunderbird was also set as a default email client. However, if I click on a weblink in Thunderbird mail, another Thunderbird session opens (instead opening Firefox). And when I close both software, and check again for default Mate applications ... voila ... Thunderbird seems as magically selected itself for both mail client and web browser!

How to prevent that misbehaviour? All worked well until recently with earlier versions of Firefox and Thunderbird. What went wrong with new versions?


Reply to: