-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4695-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 03, 2020 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys. For the oldstable distribution (stretch), these problems have been fixed in version 68.9.0esr-1~deb9u1. For the stable distribution (buster), these problems have been fixed in version 68.9.0esr-1~deb10u1. We recommend that you upgrade your firefox-esr packages. For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/firefox-esr Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl7X57kACgkQEMKTtsN8 TjZcEQ//T0Ymf7zuThwAv1YcTWh0qWlzMAd4Ur4F0otQySUVAJ8C1HDg2CcvuvXJ bThdBDXeocvTgqmVtzQXRr2kjSd4s559jXIc7mJGvzX39zZ9WVymPZjmomMVRlh+ pPYi4jRbgbBbu0LJ8nu3QBoXx/0ckyeAQ9YGbBKMWCHPOrpBZM889dqO10iOYYHL MokDMFEDCp9cLYMqEWXyEODKnR5EN+sZhbH6c9fzjYhVrfFi3Zylh2hBIZOhRuFX Dlv0RUPZx0jaL4tmqJK/WpGLUhsNeGIoa0WCcrpll2OULNQWn/fBsWu/ZhtMwGdW 5fJyu62IMspHdTRz/qO6dz8pXUYrpUeCKYg1+2W+uLtSdzX2OUjAO5SYkgbYOrFf sRvjvwyOLbH/zxJcflbz1lDU4GU8asC2TSm5OK+SOzDlu2PiKTCT5hLXClY+l+fw JkE7gn/s15sgkr8PpSdnPD5xRWrwQ/7NwyPdHSEMWtBA29uQiHm0LiPSOCOyHRnC lkTUjeYwRuPxvpTCq9dDKluMWDxcPXR5sK1HHWE1o5s1sgtzjcU8jrjwgrY+BOvF XiNKRjDtqFfG2VTzgPiOcvPOjJHrQyLzA4NYgc4u6ksCLCOen/KgWTQM4nl0gnMc J/O23+OpMlQzYg91eUGhv1kvCfVhe3a6XmoNXHDAqY9eFnHUWf4= =035G -----END PGP SIGNATURE-----