[SECURITY] [DSA 5535-1] firefox-esr security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5535-1] firefox-esr security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 25 Oct 2023 19:14:08 +0000
Message-id: <[🔎] ZTlpADVSC11yAVux@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5535-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
October 25, 2023                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2023-5721 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728 
                 CVE-2023-5730 CVE-2023-5732

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, clickjacking, spoofing or information leaks.

For the oldstable distribution (bullseye), these problems have been fixed
in version 115.4.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 115.4.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmU5Z1kACgkQEMKTtsN8
TjadIw//WpIFeCszG20DdDXl0HDi9sjn9bctL0ff5buoeWGMx3JHJa2D9vauwDLx
nZFzPMfrr8W8ZUZpvFxl1u0n+n9BAfIkPMsjURbDZu6+wembDeVB8d5B2KH667UX
hIHeaiEBrkT3wH0alq6HpkaoYkTipfkyerEIcKp2s0AB9L4qpr7RvGaCuyTTzR4F
m4UUCEja1aAFcywlLwDlyNJksNqHfU+LMeLIDIx/FjrT07C7fEB0KCcNNHRXYyEh
MLDfmxUkrR/QIopQfsXohLDkodzU+K2J7rpjkgk5StbhLVnh3DVkANpALthySM65
iovuDUXCoD7kCpIjshYxYtRioLYtiilRIVudOZ3uU/9TYN7sDXvFiN3OS1gOYk8a
MIzHZHLKcp17VBHGP3z7tRlO5p5r/79jFq2aPuY++rIOCrf/rYMnykukgDEx2i6R
8bpEfen1P5c7qbPWHqTAxo1EdDmSHGiDpxuhQ4ql+G3xDREoQgaFHWv6IwyBdcGt
eMNHSj++gy+p9Hcfh84ynzgpoHcl1tbpVeHw/356sKgJRbsIfYZapk3IPEvziWPt
GBsZzMqVxxq4cM8yietTi8YXB83Xtutbf5QPUgPmCaHKW7icFI3zkcbhjqxO1GHJ
T06MsvqLnv8WtDQBPV42NcksVn6ccW0Ydrc+1JyJ2xwF8YpZaN8=
=DQzK
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5534-1] xorg-server security update
Next by Date: [SECURITY] [DSA 5536-1] chromium security update
Previous by thread: [SECURITY] [DSA 5534-1] xorg-server security update
Next by thread: [SECURITY] [DSA 5536-1] chromium security update
Index(es):
- Date
- Thread