Univention Bugzilla – Bug 54442
firefox-esr: Multiple issues (5.0)
Last modified: 2022-02-16 12:07:14 CET
New Debian firefox-esr 91.6.0esr-1~deb10u1 fixes: This update addresses the following issues: * firefox-esr (CVE-2022-22754) * firefox-esr (CVE-2022-22756) * firefox-esr (CVE-2022-22759) * firefox-esr (CVE-2022-22760) * firefox-esr (CVE-2022-22761) * firefox-esr (CVE-2022-22763) * firefox-esr (CVE-2022-22764)
--- mirror/ftp/pool/main/f/firefox-esr/firefox-esr_91.5.0esr-1~deb10u1.dsc +++ apt/ucs_5.0-0-errata5.0-1/source/firefox-esr_91.6.0esr-1~deb10u1.dsc @@ -1,3 +1,18 @@ +91.6.0esr-1~deb10u1 [Wed, 09 Feb 2022 07:37:27 +0900] Mike Hommey <glandium@debian.org>: + + * New upstream release. + * Fixes for mfsa2022-05, also known as: + CVE-2022-22754, CVE-2022-22756, CVE-2022-22759, CVE-2022-22760, + CVE-2022-22761, CVE-2022-22763, CVE-2022-22764. + + * netwerk/base/SimpleChannel.*, netwerk/base/nsBaseChannel.*, + netwerk/protocol/res/ExtensionProtocolHandler.cpp, + netwerk/protocol/res/PageThumbProtocolHandler.cpp, + toolkit/components/places/nsAnnoProtocolHandler.cpp, + dom/file/ipc/RemoteLazyInputStream.cpp: Apply upstream patches to fix + excessive CPU usage in web extensions. bz#1706594, bz#1735899. + Closes: #1002868. + 91.5.0esr-1~deb10u1 [Wed, 12 Jan 2022 06:58:53 +0900] Mike Hommey <glandium@debian.org>: * New upstream release. @@ -6,8 +21,3 @@ CVE-2022-22738, CVE-2022-22737, CVE-2021-4140, CVE-2022-22748, CVE-2022-22745, CVE-2022-22747, CVE-2022-22739, CVE-2022-22751. - * debian/rules: Build against embedded nspr and nss on bullseye. - * debian/control*: Build against rustc-mozilla/cargo-mozilla on relevant - older release. - * debian/upstream.mk: Add definitions for newer releases of Debian. - <http://piuparts.knut.univention.de/5.0-1/#4220803861046256989>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-1] 60c92bc401 Bug #54442: firefox-esr 91.6.0esr-1~deb10u1 doc/errata/staging/firefox-esr.yaml | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) [5.0-1] 0f8c51f2b2 Bug #54442: firefox-esr 91.6.0esr-1~deb10u1 doc/errata/staging/firefox-esr.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x220>