it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5156-1] firefox-esr security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5156-1] firefox-esr security update
Date: Wed, 1 Jun 2022 18:50:55 +0000
List-archive: https://lists.debian.org/msgid-search/20220601185054.GA12512 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=RP11CXnowW+mrBvrzcopfrCZqJJOP7gHVM3meo0ikgg=; b=DR K39T3rRGggqSP/gXh06g16hKDzoLnVHiZZcrwLckGdncwOjAYO46ddJePvPzOLE5NwThCZtuR7SXV 3RvDP+xunNZNuEZ4Z0hVseUq5AaoW7pmjCK9DIYP7zrQgLpFc4scDICmyYcMN+jk0PPz01SM+MgK1 GJ2/Ed0qr+jzMxd6ZnpkvqLPVFMA2K6sfxmCaLTYpfvHlekLPr91nBMEjcOl18GeIwWoHD3ymT7aE xO/4dU9kAKGlh2zhSeJhAhOSLZ27ePeaZh273T4Ovrec8prytYCjLzSX4nKjVf4Th8TaAiBxu+jVy Q9BYuRKn3tHzbk10w6/7yBFi9qTIiCqw==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Wed, 1 Jun 2022 18:51:15 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <QpIDSqFNiwH.A.y0.jU7liB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5156-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 01, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2022-31736 CVE-2022-31737 CVE-2022-31738 CVE-2022-31740
CVE-2022-31741 CVE-2022-31742 CVE-2022-31747

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, information disclosure or spoofing.

For the oldstable distribution (buster), these problems have been fixed
in version 91.10.0esr-1~deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 91.10.0esr-1~deb11u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmKXtCoACgkQEMKTtsN8
TjbejBAAowKt+bmZGerG/Etycl+xz/AB5fFpSGJDDr3BD+jYmy8O4GyBskV92/mZ
mK6Of9tL9inDI/8CFLBRnzV4jyxYhDFN51Ux2HuX4Iq8kvJ+RB0AkvYasUsnA0oG
kegPQB60MOtwTUv2vRJBbVtcBy5dygSQAfSx7swPWqr72EbPvZaPIErYppSulJ9D
EoIowWHTI63ycdAi+k+EzL9bsiQR9FeWQ79rcGOZ9sy9cJP/5rdDlC1zHBlIpN7d
fc2Tq66dzcF75H/49QrGOPjpndYuMSjKWtl0guza1JD2QZ0TwHPifmJ+mF/HYgKP
trMguAhQsCpBCFtz2cjpPW1gSFHaAMYlKR2klb9fQabHXF9QCkSJhK4qNRbbOPDw
hC8/qsSgMmx65jzOlMBR8Pu6oppMnuZL9uodDEG1GToIsUDMQD+gkWIL+yy+x4Lo
NuzYMMzq98wQRxXiagaPpiaVbz+DQbRPs5vGN/xcQvtKBh9hvMtqVv2fOkMh7kdh
GHdOrj3BnoPLjrOeKY4Diw6bldT48ECgAX++ImmwG/6Cnq0qvRhhx5Cey470Y3RC
w7wOvO5BJeYXwVuqeAM9Laj44lkOfUrlSy6JpRCxbBUkaDEJbqReX5WptFJPbHTc
kooyUlSTXk6nWy9LhEho8f1OpP0F2HVHUIWRE9cxOhMwaiw1akk=
=I8tK
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5156-1] firefox-esr security update, Moritz Muehlenhoff, 01.06.2022

Archiv bereitgestellt durch MHonArc 2.6.24.