[SECURITY] [DSA 5606-1] firefox-esr security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5606-1] firefox-esr security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 24 Jan 2024 19:17:57 +0000
Message-id: <[🔎] ZbFiZVsoYeKyj3dG@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5606-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 24, 2024                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 
                 CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 
                 CVE-2024-0755

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, phishing, clickjacking, privilege escalation, HSTS bypass or
bypass of content security policies.

For the oldstable distribution (bullseye), these problems have been fixed
in version 115.7.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 115.7.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmWxXEUACgkQEMKTtsN8
TjZPIQ/+PSv6op0tJDa5J/C5jJo3w7dic4eb29gwL0NawP7UCWyi5gV5T0auzFDG
hWkdc11XhCOFmVdObwcwLMnlx+VYQV4262ZwO1bUDjFa959Cw9i4uVlacqzOIUbx
dfFUyIIH92LZd7P0ln5OCmyKrw0CR/cgKacTYen3U6VGyOB1V7ux7IudUh2v19V+
VH5pUhLxWPi8ff9PMkC10j0GUwKZI2QncJo5990yg8tKgXrhVC7DXU/R97WQ9+Fw
qBb6RBezjIGK+rgfPrXSIX7rMVvjNTd0r22bqCr3jk/gJEt/u/oWbPETNUOTXlhO
e7R4SIobP9GIhiSlHmY8ZHovbvvy5xfayW4GmlFj6JKZ3hxLdJ3PDwwTulH52v+w
PuTo6yWeSE8TJFFps0jxN5gKwp6G0dpdixLYrG1ntLqUeDwDlcvp6b+KuzTB+Iyf
kVrGIXX/8mPJIHXGU2bFFHJL0i/JX34aKno1G9O8TWHGg5K3KHXhkKmoWklaiwt5
Fe71c215JuPVY2dDetCyrM+MubDRX9NxpW41K2fonou37xVquIqpj5WKjw9HacIl
pIpBCNzs2vbOI0uTV2cUEJnsv1TPvaDa4VnKm9tF6IfGpyFoW5muAichyBJTieN5
ramWR2qDHSdqOMAUSADO5aoGUv8Mn8L5+k2BJHsCLfHU4Xe1MwM=
=0gOJ
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5605-1] thunderbird security update
Next by Date: [SECURITY] [DSA 5607-1] chromium security update
Previous by thread: [SECURITY] [DSA 5605-1] thunderbird security update
Next by thread: [SECURITY] [DSA 5607-1] chromium security update
Index(es):
- Date
- Thread