[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1319-1] firefox-esr security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : firefox-esr
Version        : 52.7.2esr-1~deb7u1
CVE ID         : CVE-2018-5146 CVE-2018-5147

Richard Zhu and Huzaifa Sidhpurwala discovered that an out-of-bounds
memory write when playing Vorbis media files could result in the
execution of arbitrary code.

For Debian 7 "Wheezy", these problems have been fixed in version
52.7.2esr-1~deb7u1.

We recommend that you upgrade your firefox-esr packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlq5fMIACgkQnUbEiOQ2
gwKNTw/+PRSV6iREMrdAdM+Yv1xD43y33tpKYWtveXpi76DMj45qsNS9H7+7JeC8
UGzeGCK6DuhMK7mo+Dq2+Giu4UlzLlqbRu52Kzqv5X8yyOgiHHLcYDKsgr7jRGBu
I6heNURAnRzVlEFv0LeTA6Tg8L9zN2w7jQ89zHlByN/wcU33ahdGcuHsblMWwtxU
M2BUlU+f3vJBNWimw5JIsufn9FRwQynQYpEWP8o1tWadejthFuNathwPoRN5AinD
w/mwz7xgkHzgt1eEurFI+sVmkCN7z2BeZuWysiti0t9EIOATONGzIQb0IJS2AQTO
u0nzfMWg4uFIdf/KLgj6b4aKApmuTPOgvqKgXq4bXVScJmCXipgJeg+dVtX2PxZ8
wqM0PdNzMakdnijek+GeE7k0fBAUWcPIR/n7tg6SxXiCs+LEVDS4TLzETn83Zs/C
LGbIMchTratMTH2zPwFOcQ2FlKuzS3kaPQmKO0Jp1o0qs9vqcgLP9IlYhN/qcbha
tn5QeEl1TQKfegAlqMLMhZ32CpGbJGgsfeELvj+D+aD2Anqhy0q/IOGdxoayUlaP
Xx2mDumOjwGJgZ1p+Ha34WsUzaWvJEMCrRqd0mLjdAyhhQ862tCbPxJs7K7scODl
lJRYxXwh9BY9UhWXPPrL8SrbJDYhTKExzjnRBGOy/fUMrgPYsuM=
=R5Dh
-----END PGP SIGNATURE-----


Reply to: