-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5090-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 06, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2022-26485 CVE-2022-26486 Two security issues have been found in the Mozilla Firefox web browser, which result in the execution of arbitrary code. For the oldstable distribution (buster), these problems have been fixed in version 91.6.1esr-1~deb10u1. For the stable distribution (bullseye), these problems have been fixed in version 91.6.1esr-1~deb11u1. We recommend that you upgrade your firefox-esr packages. For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/firefox-esr Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIlHHwACgkQEMKTtsN8 TjaxsQ/+MyrzApSrAu7v8NvSsrKejBFvH4dJfA2DjFrSI4Dqe+JEOR/m53HN3e3y qaUf+F/Cyj1q1UAfYkcQVPrPwu6oG/AHUavJUz+Z0a+gm1NQN9QTp0vFAj14WTOP x5n1IhyzHKDPI6hhWV9vtNpxlTxo8bYMdRycvwhuCWAbT4jCgBcnjmxQXYBXRehQ aolzZiIcBMZmqzCRyXhAwl09DipF8AOTwnAt6SK/EDbGmJahTf5vuPBuLKQ252aA V27o0BRFnMs0y5QP/NvbPC9S9r0bVbcMD+UN1kt0M8BBPAhU29cIO0uozAB4Tne6 0Or4ZHHDXmPy4/VxqugN4SgtMu1O0ynxdmh0ZKmYzYFTrKSz6n1+KedMq73OwiCt RSIlsvfHQeAdF0CVBnAkhFSLtGssfItZ3ZjXYE4CUgCI4eODzpvbv8f7xbHP4mOt cJQ8ygmJgGH42cIJ/URcYgwOMfjlxkIoWPVd+hUri4QHPHDZRUy6i3aBp9OPQXYG f7oox9RL8i5spb4Sqfg2EToJsxx6F3q/FNp6H84vRp1foJ1RiR5QetouunucNpMv EgJUE6/+2rywQsLDInQux/f3tPDQ7Pc6iQ6TF7nMMGqiifJjfXMbCH4pOUAozND3 XeNLfDH/0SltVMW3aNpwTO/30UZI00V0YqswtVEVgfLPmX2nlRs= =UHF/ -----END PGP SIGNATURE-----