-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4354-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff December 12, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2018-12405 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy. For the stable distribution (stretch), these problems have been fixed in version 60.4.0esr-1~deb9u1. We recommend that you upgrade your firefox-esr packages. For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/firefox-esr Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwReJMACgkQEMKTtsN8 TjbyQg//SRZSh5Phbk+k8hy6eOLAaJ6fXP8pddqwu2leOQehmOPMyyXYkTCIFmqV uGiVonpvBa9tvQPkGP65nmvrsfW+4cqgK9t34H4atPktU9jpnpnkHECL72KRkMiS iCj7aydK59kT4+gB/ESyPboGz/OGu7cz+7GFp7/2o4kY9rawUwQQAaorLdNI1QOM SAA3BpK0VFZ0ywg4gwVrHfxyoqTKhjW67ccZgvLmbo8yert6710DOTtw82lt1lbt qqAzALTfwEn9NLoWSdXKp/0QgHdM0EaeQo8AWeunDQKoInwPwXVtFzor3x69dbf5 VrHGgjf8J+W9gKykwQDgawCVqAw9dqqOK7J39PXPSBWTboEsO2xHq6wkTN8Kcgyl U7UbPqnjKum/BWS6WbnH50wWRekGygc4E/O9Jc8ZwSSJs9VJzxZr0Fv7Oj/g0RKa zcdeMqpF5FdJnZDqaztCEAsn/zBANOxJuRx6ei07c2o5Irv4x3x+gLkSSiz+kSCv HAN2VDaptT6cRw8FsAARSt5Yqn9RD+F36f2OEv/VyHqybrv3QAis9YoXaxoqiheo RR+ekx180yWrj8LishdTZsKSsZ210Mt98hsaDac2Z018ptoyZ/8gAu+q1xk7M8Sy 60fANkSm6XB+FjIoUquVT6Lxa/+5ofs7dcVU8QfJ0mKFl7WOJHY=yUHi -----END PGP SIGNATURE-----