it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5535-1] firefox-esr security update
- Date: Wed, 25 Oct 2023 19:14:08 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/ZTlpADVSC11yAVux AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=zWUeZj3lUAV4kzO26Dhj6kGgs1ZJ6JJnQuyKJBIldxE=; b=uL 9KySxhZhYDxoRhOED39cek77GZuuXZj9FtIKKJf9BYrj1bZbSNO1G2hxB2SvCHT4AIUkzT8kZMAcn anK2YPJoE7yvLvJfgdBNFmvD+aqq9tJ+ibTivIYM+Bm5baZ0+AU8eI4JFPF81BCdqEHc7wmn7tLGk Zu0v/BLcNOl3C9w9QWVWM8uuXf0tbduPcm7+Q/zGAjMMYMR0hHs62d4d9v/D77SSVoyilhcSWS4Wb RW6dMTOKS7rGZnSVbPto87hf/DtG1XxTcKqTnIMo4r1FT908uShmX7S9p8CABKgYTJrXb7rDRChM2 XxOKQUoZDc5Vm7nsdEbKB6ddgYKbb2fA==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Wed, 25 Oct 2023 19:14:38 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <h2eOfAXJwkO.A.aFC.ekWOlB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5535-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 25, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : firefox-esr
CVE ID : CVE-2023-5721 CVE-2023-5724 CVE-2023-5725 CVE-2023-5728
CVE-2023-5730 CVE-2023-5732
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, clickjacking, spoofing or information leaks.
For the oldstable distribution (bullseye), these problems have been fixed
in version 115.4.0esr-1~deb11u1.
For the stable distribution (bookworm), these problems have been fixed in
version 115.4.0esr-1~deb12u1.
We recommend that you upgrade your firefox-esr packages.
For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmU5Z1kACgkQEMKTtsN8
TjadIw//WpIFeCszG20DdDXl0HDi9sjn9bctL0ff5buoeWGMx3JHJa2D9vauwDLx
nZFzPMfrr8W8ZUZpvFxl1u0n+n9BAfIkPMsjURbDZu6+wembDeVB8d5B2KH667UX
hIHeaiEBrkT3wH0alq6HpkaoYkTipfkyerEIcKp2s0AB9L4qpr7RvGaCuyTTzR4F
m4UUCEja1aAFcywlLwDlyNJksNqHfU+LMeLIDIx/FjrT07C7fEB0KCcNNHRXYyEh
MLDfmxUkrR/QIopQfsXohLDkodzU+K2J7rpjkgk5StbhLVnh3DVkANpALthySM65
iovuDUXCoD7kCpIjshYxYtRioLYtiilRIVudOZ3uU/9TYN7sDXvFiN3OS1gOYk8a
MIzHZHLKcp17VBHGP3z7tRlO5p5r/79jFq2aPuY++rIOCrf/rYMnykukgDEx2i6R
8bpEfen1P5c7qbPWHqTAxo1EdDmSHGiDpxuhQ4ql+G3xDREoQgaFHWv6IwyBdcGt
eMNHSj++gy+p9Hcfh84ynzgpoHcl1tbpVeHw/356sKgJRbsIfYZapk3IPEvziWPt
GBsZzMqVxxq4cM8yietTi8YXB83Xtutbf5QPUgPmCaHKW7icFI3zkcbhjqxO1GHJ
T06MsvqLnv8WtDQBPV42NcksVn6ccW0Ydrc+1JyJ2xwF8YpZaN8=
=DQzK
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5535-1] firefox-esr security update, Moritz Muehlenhoff, 25.10.2023
Archiv bereitgestellt durch MHonArc 2.6.24.