-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4235-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 27, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2018-5156 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site request forgery or information disclosure. For the stable distribution (stretch), these problems have been fixed in version 52.9.0esr-1~deb9u1. We recommend that you upgrade your firefox-esr packages. For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/firefox-esr Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlsz51EACgkQEMKTtsN8 TjaG5g//VNB8C+k6qWT7/svPY3xpkUzbgcCVnzaa715RG+iOSvLIcN8L3cJtUNPT a0iaKz3J1LRKq4sacKXGTLp33ydhLGaLKUdSlcqFwibbnHE5IFhFjE9rtkUHiaVe NL5Qxfwvv7O5pkOdXffXLJF1Steh6/tP/BJZAmkZYPpZZm/VCr8Mziro64MP4wju IdRd0mNZc7kqrH4kR3mwPCAldr6nHWbovKOemavsSns6EL+8sRbNQMDxPToRF9ms j9LdKaTRWG+0jDO9Kq1dmd/lxzirm8hKMICzlJk609QsPBt82x2T0pJ3n4ZQDIRQ ezwd2RM/h8fRgNN+EO73JF62jSBqEoM+2ohsE7nYQFk9b/IAJt/vxb+yQnVMgkEd N3UE5MRT5jRUNnNSaSsrxa7NyYcMRLiz0m8Tkd1xv2S3la4FPu59EwCn7OxuM1jU 3SQH+sn6Dc8JXlIabZf3GnjMIkd534yqHzwkOxNaQRwizfufdq+PjE4lAwiqhbzG gO9Z99vr3rAGhriiMtFaLgLioewM+tv4AXPn6Y/Hm5OLn+OYrKERrLmmWgQ4SSiU P6G2cAv9qtrtLPoK8++yIm955DbDkrUTfu7gGARxYRy8lSZTveglmVOW8Vjx8tFT UpeTl+iFO8AsMYB8VOBYGeuNYykbLQjzmDo7dmLXGBP3afG86uU= =XVYn -----END PGP SIGNATURE-----