Debian Security Advisory

DSA-4655-1 firefox-esr — security update

Date Reported:
08 Apr 2020
Affected Packages:
firefox-esr
Vulnerable:
Yes
Security database references:
In Mitre’s CVE dictionary: CVE-2020-6821, CVE-2020-6822, CVE-2020-6825.
More information:
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

For the oldstable distribution (stretch), these problems have been fixed in version 68.7.0esr-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in version 68.7.0esr-1~deb10u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/firefox-esr

Debian Security Advisory

DSA-4654-1 chromium — security update

Date Reported:
07 Apr 2020
Affected Packages:
chromium
Vulnerable:
Yes
Security database references:
In Mitre’s CVE dictionary: CVE-2020-6450, CVE-2020-6451, CVE-2020-6452.
More information:
Several vulnerabilities have been discovered in the chromium web browser.

  • CVE-2020-6450Man Yue Mo discovered a use-after-free issue in the WebAudio implementation.
  • CVE-2020-6451Man Yue Mo discovered a use-after-free issue in the WebAudio implementation.
  • CVE-2020-6452asnine discovered a buffer overflow issue.

For the oldstable distribution (stretch), security support for chromium has been discontinued.

For the stable distribution (buster), these problems have been fixed in version 80.0.3987.162-1~deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: https://security-tracker.debian.org/tracker/chromium

This page is also available in the following languages:

español français Русский (Russkij)
How to set the default document language

admin