-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3987-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff September 29, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2017-7793 CVE-2017-7805 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, buffer overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site scripting or bypass of the phishing and malware protection feature. For the oldstable distribution (jessie), these problems have been fixed in version 52.4.0esr-1~deb8u1. For the stable distribution (stretch), these problems have been fixed in version 52.4.0esr-1~deb9u1. We recommend that you upgrade your firefox-esr packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlnOuiAACgkQEMKTtsN8 TjZb9A/+MBmy0NJQRXxG2S4hcyxGkzjV2R7yqnB1KKfKlHAS/gWfbYbLYNTnnY0L rfdm9FryXt0CFaH/idqQ3ICIQfXepjpsIEwS4X4V9Bxhsxkxe3+eak1X1sfq3EHI xrbc1lt/B22Khq9LBH+dyjVlQq7/6yGHxUvZyray1dRfjYiTSvw3TNdg+O7eUbhK 7tFyAc2xPegnQSsg2bxTWpSt1eGvmmJlZ04ALHeQErCF/hJS4a5Q+yI7j5zxBkYX c0q2cVgQ1VGXxNCz8u+GXbjblYq68HVR05RqKq+Wf/ZRf06dRPyxmHLJiqVriJob 6qLOY7l03/iiE5NBTPKId/w8NGoqaqdADNLP8HrTrr6O5CMPHoEsbJrjxbGJlnxs Si6ZQLD+a7vJB2zf4w61zRlso5nX2C4au4XGw+hvo1HcqTGFs3Ot3WEZkW4Kwd0O 64ijP8mKviMoUl4WIQCD9UVWD7utEUsfEr4tCOTlaiVxtpe+UCT5FOGPDafThsVC igAMeSqTen+cLi2uNwZ0wlyFU4ZP8XOgBacvgOHBfNuhpHih8bKATFuT0ce0j+vO 06OxXN800af9lRdxOovLFd0FjDqB00bRxpzBbaKSoKiYQt/jJGiy73QYHcXLMtT8 K9kebAVVlokbbWVgoMvrRVB3O52I2b79VJRhRdz6A4XZGjeD/OA= =x0iP -----END PGP SIGNATURE-----