it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5606-1] firefox-esr security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5606-1] firefox-esr security update
Date: Wed, 24 Jan 2024 19:17:57 +0000
List-archive: https://lists.debian.org/msgid-search/ZbFiZVsoYeKyj3dG AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=0It1GHruCBWwv6U7BVEfy4L6E9G0v1KsQZpn+RS5OQ4=; b=ps gAK3adeYNxPlDL20RUgnACRx88C8gjeBDoLz+eZ19vIIsCDFgqWiyhN8MBRpt2IjQDcMUlcfiqBRs kXxVmtpKJv+B7Zs3oPAGqAYOEc/JEzZen3Ny3XYDsIWaVtl0PzV6rSbG2PB221og+CgwJTJsInKg5 6b5WebUSGmkh94uRpohinr0dXdYoYopg6/MKTEC7DEljdQguc8Nc2m1xQn29G2oZY/TxOktUUHhoB unLfz2eTrlv/bxzrMYV1ZRAbtD/7I5AhiYpnti7sq46De7V2HGXmJip2yPaAMjLAS687ZfqGlHvC0 KNibX6x8aLMMphXORBn+uFY7NXQ4O+Mw==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Wed, 24 Jan 2024 19:18:38 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <0zQUX0NBw4L.A.3FE.OKWslB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5606-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 24, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747
CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753
CVE-2024-0755

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, phishing, clickjacking, privilege escalation, HSTS bypass or
bypass of content security policies.

For the oldstable distribution (bullseye), these problems have been fixed
in version 115.7.0esr-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 115.7.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmWxXEUACgkQEMKTtsN8
TjZPIQ/+PSv6op0tJDa5J/C5jJo3w7dic4eb29gwL0NawP7UCWyi5gV5T0auzFDG
hWkdc11XhCOFmVdObwcwLMnlx+VYQV4262ZwO1bUDjFa959Cw9i4uVlacqzOIUbx
dfFUyIIH92LZd7P0ln5OCmyKrw0CR/cgKacTYen3U6VGyOB1V7ux7IudUh2v19V+
VH5pUhLxWPi8ff9PMkC10j0GUwKZI2QncJo5990yg8tKgXrhVC7DXU/R97WQ9+Fw
qBb6RBezjIGK+rgfPrXSIX7rMVvjNTd0r22bqCr3jk/gJEt/u/oWbPETNUOTXlhO
e7R4SIobP9GIhiSlHmY8ZHovbvvy5xfayW4GmlFj6JKZ3hxLdJ3PDwwTulH52v+w
PuTo6yWeSE8TJFFps0jxN5gKwp6G0dpdixLYrG1ntLqUeDwDlcvp6b+KuzTB+Iyf
kVrGIXX/8mPJIHXGU2bFFHJL0i/JX34aKno1G9O8TWHGg5K3KHXhkKmoWklaiwt5
Fe71c215JuPVY2dDetCyrM+MubDRX9NxpW41K2fonou37xVquIqpj5WKjw9HacIl
pIpBCNzs2vbOI0uTV2cUEJnsv1TPvaDa4VnKm9tF6IfGpyFoW5muAichyBJTieN5
ramWR2qDHSdqOMAUSADO5aoGUv8Mn8L5+k2BJHsCLfHU4Xe1MwM=
=0gOJ
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5606-1] firefox-esr security update, Moritz Muehlenhoff, 24.01.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.