[SECURITY] [DLA 4109-1] firefox-esr security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 4109-1] firefox-esr security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Wed, 2 Apr 2025 14:11:43 +0200
Message-id: <[🔎] 20250402121143.98D1A2AB34D@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4109-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
April 02, 2025                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 128.9.0esr-1~deb11u1
CVE ID         : CVE-2025-3028 CVE-2025-3029 CVE-2025-3030

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in spoofing or the execution
of arbitrary code.

For Debian 11 bullseye, these problems have been fixed in version
128.9.0esr-1~deb11u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmftKXwACgkQnUbEiOQ2
gwIe4g//abPb5FPEyPbgmpFO7mER3MqsOtnI/hBZepRqpa4iU2y0xFlNsAEa9hir
RvUX1yLIuspBimmMb7Rm2FxTuhSnDikjxMad66SEOtMd+Gp33SYGZEbqRWV28/YK
NclufRPmhfJHfuvXw6xrl925J1oCdCbhLWEnyfVCd3Uajrg0Z7Lznq643uibq60G
fh6mIn1G1YVFAsHO8M/nfwuQwrNUTMXPqn8pVvfBwfvphb7dAO49EIi8uzTcEoGM
J5ZL6btiuA2nrTZxPOPAH9ntHLWO/i89rtv4pqimMjUVVIjRHhn4L5IPtbuFlCV7
hm0bf4CSraIqwTKSybsfpPk1uipGCYyNty15CWzD8/Xc+OEE3C/OOzy4Ju2NfFIt
hBJ2aYdyEJKZCYDSCSdVs5Hagx/G/4uBG0LKJuoj/fj2ITGNIWoxM0dXncefZDgA
dqCWdJGYtSx0dObKN0eLcxQKCKqQa+uTv1nDSCUvL6WAkUMGG3iRBUaOrnI93rc5
gyPGgUxTOfJXN9XA+8y1O2fkkzOW9W+Ke2aAvsUq8tH9Q2TX+K0LmYyI1Xl7cECy
BK5cuO5uwgT4nyRGd/WmMeeXWPOT2LzX4K9YkJUQgxvY8/Vlm5wa86fWWt7UXS94
f6icdcjbSzpDV95+ghganvgFu1IYQ4IQdLWP5ymyQTs9/UrNXvk=
=AmZV
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4108-1] tomcat9 security update
Next by Date: [SECURITY] [DLA 4110-1] thunderbird security update
Previous by thread: [SECURITY] [DLA 4108-1] tomcat9 security update
Next by thread: [SECURITY] [DLA 4110-1] thunderbird security update
Index(es):
- Date
- Thread