Univention Bugzilla – Bug 51827
firefox-esr: Multiple issues (4.4)
Last modified: 2020-08-26 16:35:37 CEST
New Debian firefox-esr 68.11.0esr-1~deb9u1 fixes: This update addresses the following issues: * Use after free in ANGLE (CVE-2020-6463) * Inappropriate implementation in WebRTC (CVE-2020-6514) * Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
--- mirror/ftp/4.4/unmaintained/4.4-5/source/firefox-esr_68.10.0esr-1~deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-5/source/firefox-esr_68.11.0esr-1~deb9u1.dsc @@ -1,3 +1,9 @@ +68.11.0esr-1~deb9u1 [Wed, 29 Jul 2020 07:23:16 +0900] Mike Hommey <glandium@debian.org>: + + * New upstream release + * Fixes for mfsa2020-31, also known as: + CVE-2020-15652, CVE-2020-6514, CVE-2020-6463, CVE-2020-15659. + 68.10.0esr-1~deb9u1 [Wed, 01 Jul 2020 09:08:58 +0900] Mike Hommey <glandium@debian.org>: * New upstream release <http://10.200.17.11/4.4-5/#7316091649981893505>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-5] 72246dbf90 Bug #51827: firefox-esr 68.11.0esr-1~deb9u1 doc/errata/staging/firefox-esr.yaml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x714>