[SECURITY] [DSA 5643-1] firefox-esr security update

🗓️ 21 Mar 2024 19:19:07Reported by DebianType

debian

debian🔗 lists.debian.org👁 39 Views

Multiple security issues in firefox-esr web browser, upgrade recommended

Reporter	Title	Published	Views	Family All 682
IBM Security Bulletins	Security Bulletin: A vulnerability in RedHat UBI minimal affects IBM Robotic Process Automation for Cloud Pak which could allow an attacker to obtain sensitive information (CVE-2023-5388).	11 Oct 202400:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities	15 Mar 202413:52	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)	27 May 202523:25	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in nss library (CVE-2023-5388) affects Power HMC.	10 Sep 202415:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities.	3 Aug 202400:43	–	ibm
Tenable Nessus	Amazon Linux 2023 : nspr, nspr-devel, nss (ALAS2023-2024-492)	23 Jan 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : nss-softokn (ALAS-2024-2419)	23 Jan 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : thunderbird (ALAS-2024-2505)	1 Apr 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : firefox (ALASFIREFOX-2024-023)	1 Apr 202400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : nss-softokn (ALAS-2024-1907)	23 Jan 202400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Debian	11	any	firefox-esr	115.9.0esr-1~deb11u1	firefox-esr_115.9.0esr-1~deb11u1_any.deb
Debian	12	any	firefox-esr	115.9.0esr-1~deb12u1	firefox-esr_115.9.0esr-1~deb12u1_any.deb
Debian	11	amd64	firefox-esr-dbgsym	115.9.0esr-1~deb11u1	firefox-esr-dbgsym_115.9.0esr-1~deb11u1_amd64.deb
Debian	11	arm64	firefox-esr-dbgsym	115.9.0esr-1~deb11u1	firefox-esr-dbgsym_115.9.0esr-1~deb11u1_arm64.deb
Debian	11	armhf	firefox-esr-dbgsym	115.9.0esr-1~deb11u1	firefox-esr-dbgsym_115.9.0esr-1~deb11u1_armhf.deb
Debian	11	i386	firefox-esr-dbgsym	115.9.0esr-1~deb11u1	firefox-esr-dbgsym_115.9.0esr-1~deb11u1_i386.deb
Debian	11	ppc64el	firefox-esr-dbgsym	115.9.0esr-1~deb11u1	firefox-esr-dbgsym_115.9.0esr-1~deb11u1_ppc64el.deb
Debian	11	s390x	firefox-esr-dbgsym	115.9.0esr-1~deb11u1	firefox-esr-dbgsym_115.9.0esr-1~deb11u1_s390x.deb
Debian	12	amd64	firefox-esr-dbgsym	115.9.0esr-1~deb12u1	firefox-esr-dbgsym_115.9.0esr-1~deb12u1_amd64.deb
Debian	12	arm64	firefox-esr-dbgsym	115.9.0esr-1~deb12u1	firefox-esr-dbgsym_115.9.0esr-1~deb12u1_arm64.deb

21 Mar 2024 19:19Current

8.5High risk

Vulners AI Score8.5

CVSS 3.18.8

EPSS0.01285

SSVC

arbitrary code execution mozilla firefox debian information disclosure security update content security policies