-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5097-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff March 09, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2022-26381 CVE-2022-26383 CVE-2022-26384 CVE-2022-26386 CVE-2022-26387 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or sandbox bypass. For the oldstable distribution (buster), these problems have been fixed in version 91.7.0esr-1~deb10u1. For the stable distribution (bullseye), these problems have been fixed in version 91.7.0esr-1~deb11u1. We recommend that you upgrade your firefox-esr packages. For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/firefox-esr Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIpIx8ACgkQEMKTtsN8 TjYecBAAkN+pc932dl3RDi2Z0NSU76/pECvB8ZTZtQjSs5j69lguVYKQ9vZlYUG3 tbmrecTf2EL9xH7rLWEwjbbW/SdlXmg0fQeisVEn5p+XoQF1rxTW+fbNXvgpca9l HptbZRvSqKidK9hFHm2YjPYenX+VyXKSX4Mp3eKaZORBrAIwC97mgGjnLpykEQzH i9WRbC7ac9rBgTM0QTNCb+nSriWfCoEM4yAhTJxcpqaJAU2IMIwE5vUIg7NLN78N ars12uRcGonG/rZ6JiEc8llqYxXbOz8PdqozSI9/UNBgwLsraPXjcKYlBh1vRPng pk6kzcpgYOrGDDb6uefLjKjzUf5pHh7xz8ITt9qbrmLD3TMtHysVCYRlPgZ3GJKW ZP+E+myYoUfYtx5KwRwRf6t2s+atwILROGdyQysEkFNZi6sKXP+dEt2cfFzLxrfP uQDb9UzmT6A08UaofEbiXRuqqx0sggjef8xZA8kyhApnTNf87DeU59vPCFKN9Y9T k1/2P1+KolEn0sqlsrLyBXONVtjTp7NtaFDja5AML1jXIRBYM6Y8SEaT4uqjANoA 418R9yQyLlTfaOFi66KkcIB5Mq1BLPfpoA8nmGLjM/vn+W64l3UMoJitQc/ZQmPg VFPtD5TvW+8GEq3tv9wHAEenaGBvl5QP08OsAUwdlEK6aKPY3oU= =4DZH -----END PGP SIGNATURE-----