1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 3333-1] iceweasel security update

    From Moritz Muehlenhoff@1:229/2 to All on Wed Aug 12 12:30:03 2015
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-3333-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2015 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : iceweasel
    CVE ID : CVE-2015-4473 CVE-2015-4478 CVE-2015-4479 CVE-2015-4480
    CVE-2015-4484 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489
    CVE-2015-4492 CVE-2015-4493

    Multiple security issues have been found in Iceweasel, Debian's version
    of the Mozilla Firefox web browser: Multiple memory safety errors,
    integer overflows, buffer overflows, use-after-frees and other
    implementation errors may lead to the execution of arbitrary code,
    bypass of the same-origin policy or denial of service.

    Debian follows the extended support releases (ESR) of Firefox. Support
    for the 31.x series has ended, so starting with this update we're now
    following the 38.x releases.

    For the oldstable distribution (wheezy), these problems have been fixed
    in version 38.2.0esr-1~deb7u1.

    For the stable distribution (jessie), these problems have been fixed in
    version 38.2.0esr-1~deb8u1.

    For the unstable distribution (sid), these problems have been fixed in
    version 38.2.0esr-1.

    We recommend that you upgrade your iceweasel packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1

    iQIcBAEBAgAGBQJVyx6lAAoJEBDCk7bDfE42gyIP/2KJIusPESkAk6LONEz5aXZz Q4zyIIwlxux2g44iXRXZ/wStUW+0Q5B++S5DyXoczGYLfSoQ7Vsx7y2EEWxN/8kU IR4/ZCeLbTvkeT97DgOQxpcRAnElz87NIanjcPg8syrXRIlAVeDe8mfRVNTCUCff NBD2OOarA8kDvMqZE9J4/t3VmZwJx++O1DJfjOD9UEfda8Vm0or0+/xNVm79TV9m fZfIsSnbUlTZvizrMIQ/cx6FQYWB8UrO5MLCEADFiyLrBh/kWyInMCkBoL2Cj2l9 x7ePsHTdVFNmoLXVtnjwwRwhfysOpQ3mpbw79Xcmd5ODgpeuywiWFhx/HgKKwBGY BuWbZrmxj0k+DVN931eSiT0cYl2fsENK+x7Y+JZw4jCQupNBmfBjh+NnAbr2pIkG wcuxPKJ51H0UVcmrRs7oxvyaVRNBFM+jk99WuQ5+2CQqvf+6kOMG/KGssX2+4Kpy utt/lTkRpF82KwjdhVixncwgmZurLOVE+iBtBVTUwXdcfQXWWW5tPebD5/29KQ4G 3ZmF/jI3meVST6SX3hE0bt/2PYjkvFuXIvVgT+yXdkOr6XVWELivjiP0v/XmsNun bSaXu3N9ZQiTKzT7JZ/WR8FHmbZr/4tn7nE+1NBuMhYqAPz2/7VSX3elKJoIGdnS MSVHgssiBkMRn7KhXePD
    =v2Mz
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)