Univention Bugzilla – Bug 50912
firefox-esr: Multiple issues (4.3)
Last modified: 2020-03-11 13:57:24 CET
New Debian firefox-esr 68.5.0esr-1~deb9u1 fixes: This update addresses the following issues: * Missing bounds check on shared memory read in the parent process (CVE-2020-6796) * Incorrect parsing of template tag could result in JavaScript injection (CVE-2020-6798) * Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 (CVE-2020-6800)
--- mirror/ftp/4.3/unmaintained/component/4.3-5-errata/source/firefox-esr_68.4.1esr-1~deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-5/source/firefox-esr_68.5.0esr-1~deb9u1.dsc @@ -1,3 +1,9 @@ +68.5.0esr-1~deb9u1 [Wed, 12 Feb 2020 06:50:33 +0900] Mike Hommey <glandium@debian.org>: + + * New upstream release + * Fixes for mfsa2020-06, also known as: + CVE-2020-6796, CVE-2020-6798, CVE-2020-6800. + 68.4.1esr-1~deb9u1 [Thu, 09 Jan 2020 06:40:28 +0900] Mike Hommey <glandium@debian.org>: * New upstream release. <http://10.200.17.11/4.3-5/#5619449451412398487>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-5] e8364e23e9 Bug #50912: firefox-esr 68.5.0esr-1~deb9u1 doc/errata/staging/firefox-esr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) [4.3-5] 91453e51ad Bug #50912: firefox-esr 68.5.0esr-1~deb9u1 doc/errata/staging/firefox-esr.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
<http://errata.software-univention.de/ucs/4.3/642.html>