[SECURITY] [DSA 5464-1] firefox-esr security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5464-1] firefox-esr security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 3 Aug 2023 17:27:01 +0000
Message-id: <[🔎] ZMvjZV9HooaWy811@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5464-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 03, 2023                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048 
                 CVE-2023-4049 CVE-2023-4050 CVE-2023-4055 CVE-2023-4056

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, bypass of the same-origin policy, spoofing or sandbox bypass.

For the oldstable distribution (bullseye), these problems have been fixed
in version 102.14.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 102.14.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTL4ygACgkQEMKTtsN8
TjZ2nQ//YUyg2nEzvoHNRQHE9ezAxjfXUqkQjS7IEfavk7APQzLq4hvNcnkOab7u
6vRimyFObl5o07byVlrDSUUENk7JivvX4HWd7h+CwJAb9Q+XE0qtHMovtbpwlut9
nH/C5nUvtVHXok1A33fDvcYTqKX/5fb+v+LkJQudm7k1CIwqJxPyXkgJ8SHFuqBI
B2s72mGrKM5Ha+woca17+eI8VhHQwXBgnVQRpxK5AeAUwDchez2Pd9xr6R6RBmzi
inRfzvo0CPtKp3WqFEDJHUCGx3k/mmlTbN9V4gQM/TZKi2Vr2qM+zvcEvWn684nK
EHG6bm+u4EUytxAyFw0FsawsbL3ceJXYwPeddX1C2agW8bkfJgs1Eou33Dl+mu8s
vG/IrT08C/udNreiWQWIyELZvIZ8RJoKDyqZB6IOtkdDbkH1IzxaciTZRuJGgmj3
rGWC02+W2tdoTN1p6GVLF5W0e6GvhYDjB+VVU2MWtqRaaE0l4v8vThHWQmfSHQKw
dj8Wil62GumlC1h511SB1p1mQFHtSpBtuHWyZ4Nq3ZACiYfvJlDvq0y1nShE8Ek/
CZvyrCm5vMPW1k8UYyNoRyfo239T5/iC9lYF+1A3NqrI3f5se60/lmc5e+TQ/FzG
2CAOoVdi8EEdCpNkjyt3jkpZo4942ITTO2GZyzm1E6HQUTBY4do=
=Co4j
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5463-1] thunderbird security update
Next by Date: [SECURITY] [DSA 5465-1] python-django security update
Previous by thread: [SECURITY] [DSA 5463-1] thunderbird security update
Next by thread: [SECURITY] [DSA 5465-1] python-django security update
Index(es):
- Date
- Thread