it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5858-1] firefox-esr security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5858-1] firefox-esr security update
Date: Wed, 5 Feb 2025 13:35:01 +0000
Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/Z6NpBRKfyvTdbxGL AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=+3o/UoSY/YlCDSH+Iph/P6vyDCvf3wQlIUYtCA/nCHc=; b=SB BMsm8W0I1dnA5vBVDeFoisw+j0b668YJmOSPPjyLLpO+C07tZZ3pm3KGj34R1Aq+obJEcR/N75RBb KocOeazzAYOMs1RA3hUnprktcT45LosH7oI630kH7JjX2QGM2ZHCVKH5E+1jP4ht8mCYV5N03b3RG 1tvS9BsefJCNyDI4/qdg5YE/gXavA6SP/6j3v6pP1/8hgGnUi9H8+rcFXT18CDlho20zpmUdPvH1o UB4Q2/71/PUulBzjLFYI/iQG0VfvCPlkaCbQ78hjZ1NubgX5UszQ53ulkiPGWTs0FDDsT+JPRsU9b MdZMpCLzB4lwisQL5KIzbXv/3uMMzNgg==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Wed, 5 Feb 2025 13:35:22 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <CNYlKeQCtbH.A.W5nH.ak2onB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5858-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 05, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2024-11704 CVE-2025-1009 CVE-2025-1010 CVE-2025-1011
CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1016
CVE-2025-1017

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code.

For the stable distribution (bookworm), these problems have been fixed in
version 128.7.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmejZ9AACgkQEMKTtsN8
TjaVdQ//RgvkGt2y6vgvls1hEhIrLX//F3Mhjo5cSYQXhA5JDgzdpJLqOjqxKG8b
a49Xs+KTFwIm8H5fuQKRbqFjIOKsLZZInzoYwbF+/8jJ5mvcEntoS06c4KdAYChX
2TBk2ypdXkak2Du9DOi1lBjijKeP6E+4V+ljBcjBIUV/65mu7PrW9uMqgFP/ajZg
j/xmFQ7g/CYzs4exsh8pDIC2r48wfdx725i/vcRYcZzseuc1KkKa9In+hFjoYw/z
MCqTomLTE4DuidNkrBWK/iVeAA3xLCqDQ2FXQa1b56WNI/7X6/APG8m4CFYRst5r
deqCEIb0nl1eofWHxbbPTFN3zf00CURHznnoBsWs9tm0HbpEWt+f8tO6TQCxhNhg
BHnXlUjeXgYT5bXHdxmaNizrtoMdX4l+mZuU/0dSGWf2vgz/GIiHKiPBsdYzrNLT
g2hmu/km9hwtpSZaxCIaEt4z8l/FUs1zVlqPlKxIQTrMgVtQ31dTMPYKDPy2WIN2
YGhYg/RSPznkLsj51zHncMyv58JVScLxWt8aFasZu1He6PcfzKlrpvHT668tEwku
iGVU4Io5Z9U+apXO51GDhtzy9B/KEWcSjyoYT7ZqAnidHHjhcDTFpST/r+GAeHuP
4B2PpbFUV6YyRVcKeFtU8bftII6Dnp9+ldQ6jsQPmrbEgpCsp5k=
=SAOd
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5858-1] firefox-esr security update, Moritz Muehlenhoff, 05.02.2025

Archiv bereitgestellt durch MHonArc 2.6.19+.