Debian DLA-2408-1 : thunderbird security update

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 68.x series has ended, so starting with this update we're now following the 78.x releases. The 78.x...

Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2020-44564)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A buffer overflow vulnerability exists in nsJPEGEncoder::emptyOutputBuffer in versions of Mozilla Firefox prior to 78. An attacker can exploit this vulnerability with JPEG images to cause out-of-bounds...

DEBIAN-CVE-2019-13709

Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page...

chromium-browser: use-after-free in audio

Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

chromium-browser: CSP bypass

Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 78 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 78.0.3904.70 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...