lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 12 Dec 2018 21:08:52 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4354-1] firefox-esr security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4354-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 12, 2018                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2018-12405 CVE-2018-17466 CVE-2018-18492
                 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or bypass of the same-origin policy.

For the stable distribution (stretch), these problems have been fixed in
version 60.4.0esr-1~deb9u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwReJMACgkQEMKTtsN8
TjbyQg//SRZSh5Phbk+k8hy6eOLAaJ6fXP8pddqwu2leOQehmOPMyyXYkTCIFmqV
uGiVonpvBa9tvQPkGP65nmvrsfW+4cqgK9t34H4atPktU9jpnpnkHECL72KRkMiS
iCj7aydK59kT4+gB/ESyPboGz/OGu7cz+7GFp7/2o4kY9rawUwQQAaorLdNI1QOM
SAA3BpK0VFZ0ywg4gwVrHfxyoqTKhjW67ccZgvLmbo8yert6710DOTtw82lt1lbt
qqAzALTfwEn9NLoWSdXKp/0QgHdM0EaeQo8AWeunDQKoInwPwXVtFzor3x69dbf5
VrHGgjf8J+W9gKykwQDgawCVqAw9dqqOK7J39PXPSBWTboEsO2xHq6wkTN8Kcgyl
U7UbPqnjKum/BWS6WbnH50wWRekGygc4E/O9Jc8ZwSSJs9VJzxZr0Fv7Oj/g0RKa
zcdeMqpF5FdJnZDqaztCEAsn/zBANOxJuRx6ei07c2o5Irv4x3x+gLkSSiz+kSCv
HAN2VDaptT6cRw8FsAARSt5Yqn9RD+F36f2OEv/VyHqybrv3QAis9YoXaxoqiheo
RR+ekx180yWrj8LishdTZsKSsZ210Mt98hsaDac2Z018ptoyZ/8gAu+q1xk7M8Sy
60fANkSm6XB+FjIoUquVT6Lxa/+5ofs7dcVU8QfJ0mKFl7WOJHY=
=yUHi
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists