[SECURITY] [DLA 4592-1] firefox-esr security update

Wed, 20 May 2026 14:28:32 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4592-1                [email protected]
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
May 20, 2026                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firefox-esr
Version        : 140.11.0esr-1~deb11u1
CVE ID         : CVE-2026-8388 CVE-2026-8391 CVE-2026-8401 CVE-2026-8946
                 CVE-2026-8947 CVE-2026-8950 CVE-2026-8953 CVE-2026-8954
                 CVE-2026-8955 CVE-2026-8956 CVE-2026-8957 CVE-2026-8958
                 CVE-2026-8961 CVE-2026-8962 CVE-2026-8968 CVE-2026-8970
                 CVE-2026-8974 CVE-2026-8975

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, bypass of the same-origin policy, privilege escalation, information
disclosure, spoofing or sandbox escape.

For Debian 11 bullseye, these problems have been fixed in version
140.11.0esr-1~deb11u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmoOJ2EACgkQnUbEiOQ2
gwJUgQ/9FYiJB2iDPKJfU/dhTnboS4x/mFQ306AZYzCzdjhrZyM7yZ5HU9VReLby
A2HHToWkbYV86wfXU4FM+g17IfnYLRUGSgzwaXD8BwjPj7OivWxb8zUznHpWCR7E
AuskCICWGMuqIhPCvDb9tcXJtldurvujvOyYt3adlIc0y+CrC8XXCTnBzrudEuJp
oD0bfruG81lyW9gZ9Q+v/rpAAFDS6TSFMOdUdULRLtabaaCzFec6DPS/fBHBO7Y7
5SYrzxIRDAcL+/5BFC0fzG9M9+r7vwma42XhpHbzMuWHMKzUH/+O46779uin8tbL
5mFnhztMKMPY3sRZb+2O0tZenoz6xV+f2/6wDFa9NH3IxsE3gf9X6Y0lHfspUm1A
ctK030He2ukF/ozNsU86IpEnNXMZIRaI6I0T+n+Ymjw5hd0aTkpl/RysrKNN1dX/
eDeQFwsr8qJJ8b7AOV4xothgBjPoj/LScj+9RukUHXS16Vfxq8gYDr/DadZ1XJMh
U7XY96GLM7vqqE946VFtsmtqFCnmsDmv3OyqbzKnlQDHH0JTVRw6fhFqSQCuEZDk
YTyHRUh3NF2/EFtQQ2+kUYHFNleONOQTgH74A9hl4sHjTjGR+ts38cmZOxzEO/Sf
WEsuG1TjQ+NQsPtqwV+R67iQYJLK7oKzC0tLgUjFysQ/VglK6ZY=
=C0eS
-----END PGP SIGNATURE-----

Reply via email to