[SECURITY] [DSA 5950-1] firefox-esr security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5950-1] firefox-esr security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 25 Jun 2025 21:02:05 +0000
Message-id: <[🔎] aFxjzafJ28DBltgH@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5950-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
June 25, 2025                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2025-6424 CVE-2025-6425 CVE-2025-6429 CVE-2025-6430

Multiple security issues have been found in the Mozilla Firefox
web browser, which could potentially result in the execution
of arbitrary code.

For the stable distribution (bookworm), these problems have been fixed in
version 128.12.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmhcYiEACgkQEMKTtsN8
TjaRyw//YZKdw+6TJim9VPs8N0Tm519ebA8gDb1/74tokQM1FP8V2g1a9ymXoJSJ
QLQq4ibmODAR6462ZjiYRf8dwyYOZIV0uABzIKT4PVRVbiHTpCz++HC0CDGGT3vs
7FdiARp+bpqkoqobgTEuK2LWhVbmGaNt5E17fOym2qUBNWU29wroF8LEWkfSAAxk
AOqpRH4B0NdPcrmWjS0K2I3uqV1As+tKMN2MeJqS499nRDBf7m77DFpxn5gm8xA3
8h0IGXm/IMU/8jORQ/HZ23BS2ZDri+VzBEKzESYSQQLJqRUzJUht0LS8KCTaOm+4
wEVp67VckejhDAiiUF3VgFQ8yyQgfxi6r7PkF1jee7JVqLhziJ8bm+YxtOS7E10d
nxXloEUqQZMvCrJQr6Asx27NvOaTdmvP//PCFLKgtPKTVafCfXRKEnfLuWrcTzvO
yeDvSXHOP+1Xdeq9Iat4gCxSWvC4dUqhDUjFCTOKlJgYUZ1qsVio/j5+8DqadLMP
jkF9XlqGXsQ+iCqD2y5TDMEft/j5vmVATGWgH12ItFk6i5+DZfdLBYzcinzk55hQ
zvSb/HuFxrHk5Wn4Cd42FO5Jr/I+aFDCJqS06HpXQgj/Q2Qse1eUSy/ddcyS3NuW
aZJcT76u0ZEoMREyXItIz0cg4lCiRfd7VqMcSQdipxIqEST/Lxc=
=gMvF
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5949-1] libxml2 security update
Next by Date: [SECURITY] [DSA 5951-1] icu security update
Previous by thread: [SECURITY] [DSA 5949-1] libxml2 security update
Next by thread: [SECURITY] [DSA 5951-1] icu security update
Index(es):
- Date
- Thread