firefox-esr - security update

2016-12-0100:00:00

Google

osv.dev

JSON

A use-after-free vulnerability in the SVG Animation was discovered in
the Mozilla Firefox web browser, allowing a remote attacker to cause a
denial of service (application crash) or execute arbitrary code, if a
user is tricked into opening a specially crafted website.

For the stable distribution (jessie), this problem has been fixed in
version 45.5.1esr-1~deb8u1.

We recommend that you upgrade your firefox-esr packages.

CPENameOperatorVersion
firefox-esreq45.0.1esr-1
firefox-esreq45.0.2esr-1
firefox-esreq45.0esr-1
firefox-esreq45.0esr-2
firefox-esreq45.1.0esr-1
firefox-esreq45.1.1esr-1
firefox-esreq45.2.0esr-1
firefox-esreq45.2.0esr-1~deb7u1
firefox-esreq45.2.0esr-1~deb8u1
firefox-esreq45.3.0esr-1

Name	Operator	Version
firefox-esr	eq	45.0.1esr-1
firefox-esr	eq	45.0.2esr-1
firefox-esr	eq	45.0esr-1
firefox-esr	eq	45.0esr-2
firefox-esr	eq	45.1.0esr-1
firefox-esr	eq	45.1.1esr-1
firefox-esr	eq	45.2.0esr-1
firefox-esr	eq	45.2.0esr-1~deb7u1
firefox-esr	eq	45.2.0esr-1~deb8u1
firefox-esr	eq	45.3.0esr-1

Rows per page:

1-10 of 221

References

www.debian.org/security/2016/dsa-3728

JSON