Debian Security Advisory 5645-1

Debian Security Advisory 5645-1: Posted Mar 25, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5645-1 - Manfred Paul discovered a flaw in the Mozilla Firefox web browser, allowing an attacker to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process.; tags | advisory, web, arbitrary, javascript; systems | linux, debian; advisories | CVE-2024-29944; SHA-256 | 4f5d9a853e227dab14b126ce8536d5e0bccc071fc1e3eea740c201c1d75a9146; Download | Favorite | View

Debian Security Advisory 5645-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5645-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
March 23, 2024                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2024-29944

Manfred Paul discovered a flaw in the Mozilla Firefox web browser,
allowing an attacker to inject an event handler into a privileged object
that would allow arbitrary JavaScript execution in the parent process.

For the oldstable distribution (bullseye), this problem has been fixed
in version 115.9.1esr-1~deb11u1.

For the stable distribution (bookworm), this problem has been fixed in
version 115.9.1esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmX/MOFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Rolg/9GP46S5fV4AGsTsDeOZsx8rbHOZsKgj+Y//dA8Ly79T10CjVcZQSvpFek
Czgnwyo9dMqY5jTyxKOcFqsrbCzODKdMtDKVqOdTTptb0eGdorLyRsq0D5Kozn86
W8iq9mDTYiL50Vj7gMgpciNHklM7sjtKCYSTIgJFqLq+/8jMIoaN2qbTCmxo4OjC
bqweKgXYlHE/EmgCyjVJ6gjuam5yA1OlrXO+/IqKm809P8TPsceb9FBCY4Gw0jS4
Ioii4Y303fsNNMIHfDANNcvXC6JCnsy0QYjq2DyiNTOyh/leoV+Z9tWQwejcnQBd
T0aICDOoQwf6mnsMtsLvoDzsY81DawiHd19nyLeVKhxLwpEmqTz5CIIk72oy39MA
SLxY5owGrBPHkelxpi4XNPg7/fDNfeq1L3/CzEPoiExaioLsvC/vgvZzO4drrNkG
Eyp2ocGvKejYqt4TfZE/a5vmj7BpNDMmhsUne8XzdPVU8p1Co3jsEGmOVAT00EOv
cO1MGfUZdChdTdRHZ6Q/v6Wr2DZvmT9b/yy9uI4I+XjpkDLapS9DbP+FPJKM5y75
lOf3bfsBSHUBRIxxtiDdUmjYH9mTHNPNq6SFlHrcpykqRps+acuL4ZYd2NGG8nHg
Bv4lAz/FMJTBI80gqF7nv3v2qsy4CZ9ieBnAQbDHDkVxnnYLGVo=
=h5US
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 290 files
Ubuntu 63 files
Debian 20 files
Gentoo 8 files
Apple 6 files
LiquidWorm 4 files
Google Security Research 4 files
Alter Prime 3 files
Spencer McIntyre 3 files
Jann Horn 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,172)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,112)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,459)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,018)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

Debian Security Advisory 5645-1

Debian Security Advisory 5645-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5645-1

Share This

Debian Security Advisory 5645-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems