Univention Bugzilla – Bug 48589
firefox-esr: Multiple issues (4.3)
Last modified: 2019-02-06 12:35:48 CET
New Debian firefox-esr 60.5.0esr-1~deb9u1 fixes: This update addresses the following issues: * Use-after-free parsing HTML5 stream (CVE-2018-18500) * Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5 (CVE-2018-18501) * Privilege escalation through IPC channel messages (CVE-2018-18505)
--- mirror/ftp/4.3/unmaintained/component/4.3-3-errata/source/firefox-esr_60.4.0esr-1~deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-3/source/firefox-esr_60.5.0esr-1~deb9u1.dsc @@ -1,3 +1,9 @@ +60.5.0esr-1~deb9u1 [Wed, 30 Jan 2019 09:53:01 +0900] Mike Hommey <glandium@debian.org>: + + * New upstream release. + * Fixes for mfsa2019-02, also known as: + CVE-2018-18500, CVE-2018-18505, CVE-2018-18501. + 60.4.0esr-1~deb9u1 [Wed, 12 Dec 2018 08:29:04 +0900] Mike Hommey <glandium@debian.org>: * New upstream release. <http://10.200.17.11/4.3-3/#8292322942142985583>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-3] e2485bd899 Bug #48589: firefox-esr 60.5.0esr-1~deb9u1 doc/errata/staging/firefox-esr.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)
<http://errata.software-univention.de/ucs/4.3/412.html>