Univention Bugzilla – Bug 51083
firefox-esr: Multiple issues (4.4)
Last modified: 2020-04-15 14:32:15 CEST
New Debian firefox-esr 68.7.0esr-1~deb9u1 fixes: This update addresses the following issue(s): * * Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) * Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822) * Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825)
--- mirror/ftp/4.4/unmaintained/4.4-4/source/firefox-esr_68.6.0esr-1~deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-4/source/firefox-esr_68.7.0esr-1~deb9u1.dsc @@ -1,3 +1,14 @@ +68.7.0esr-1~deb9u1 [Wed, 08 Apr 2020 07:54:16 +0900] Mike Hommey <glandium@debian.org>: + + * New upstream release + * Fixes for mfsa2020-13, also known as: + CVE-2020-6821, CVE-2020-6822, CVE-2020-6825. + +68.6.1esr-1~deb9u1 [Sat, 04 Apr 2020 06:41:17 +0900] Mike Hommey <glandium@debian.org>: + + * New upstream release + * Fixes for mfsa2020-11, also known as: CVE-2020-6819, CVE-2020-6820. + 68.6.0esr-1~deb9u1 [Wed, 11 Mar 2020 06:59:57 +0900] Mike Hommey <glandium@debian.org>: * New upstream release <http://10.200.17.11/4.4-4/#398697778226773965>
*** Bug 51063 has been marked as a duplicate of this bug. ***
OK: yaml OK: announce_errata OK: no patch OK: piuparts
<http://errata.software-univention.de/ucs/4.4/526.html>