[SECURITY] [DLA 2346-1] firefox-esr security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2346-1] firefox-esr security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Thu, 27 Aug 2020 12:38:54 +0200
Message-id: <[🔎] c82295aa-891d-5a6b-5454-5024efcc6545@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2346-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
August 27, 2020                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 68.12.0esr-1~deb9u1
CVE ID         : CVE-2020-15664 CVE-2020-15669

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or unintended or malicious extensions being installed.

For Debian 9 stretch, these problems have been fixed in version
68.12.0esr-1~deb9u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAl9HjToACgkQnUbEiOQ2
gwKy1g//epY8CxqTiOyX0tSh2oW2HcbemrHCQ1AcnQfaCw7J7E9gcmIou5u2WBWy
ndAz1EbhWE08iFV+IaIzccqA+2kbLNP0IOzFBS4atVTY27ngiR0wXFJK7Hg0uxsf
yDGksv0lnjA79Jk9A5TSJt8uvaDFReQv9W2r57V9fDGky1CGTbIonXXGaMdsieDY
fOHgqkFOXd4TWlnqGai4zSyxaLO5yqsmllLUzH2PuaFs5pwvKgRkz95cu5DmUUuU
faVEO/jyGDpkkVViHCE+baSHoG79xHNGG+Bral/aMdB6O9k25WzOJKW/Dx0tzbMO
K0OSSxNHKSnMKoxrtSn4oH9XH0Pq+NiiX7W4ycDhzX5fWXswm9nyGj1SDH5y2IO/
IRH36ycaXq09+7trw1a+XAB2duQ50PBFqlE01h/xOZ9qzmjmliCU05vgVbRraikH
cbHj6pRFTnN76UYaWyfaYhkNwu9mHVa5SVPPo0y4LxgtIWDLYfX/u+y08Cth8OM3
JzyTsQKZhPCuLK5zbmPhkTtpeVBbSUICKmhfLQzQKVY15VfeYX+cnS5n/djVidsr
BjaOck/WKCz8/wIwG28Qy/MiWI9gmAVPDPcIV1FkW6xgU1Rgw9DHkIrwMe8EOpFT
DiIXoDZ6Oem8MFqKM2LAGnUg5f0Gjz933wevtNh5oUTOUTtoK2c=
=Ybf8
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2345-1] php7.0 security update
Next by Date: [SECURITY] [DLA 2347-1] libvncserver security update
Previous by thread: [SECURITY] [DLA 2345-1] php7.0 security update
Next by thread: [SECURITY] [DLA 2347-1] libvncserver security update
Index(es):
- Date
- Thread