Download
| Alert*
oval:org.secpod.oval:def:604617
DSA 4571-1 updated Thunderbird to the 68.x series, which is incompatible with the Enigmail release shipped in Debian Buster. oval:org.secpod.oval:def:69769 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service. Debian follows the extended support releases of Firefox. Support for the 60.x series has ... oval:org.secpod.oval:def:2105077 In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. oval:org.secpod.oval:def:89003323 This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR . Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library . - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB . - CVE ... oval:org.secpod.oval:def:66458 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index upda ... oval:org.secpod.oval:def:604610 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 60.x series has ended, so starting with this update we"re now following the 68.x releases. oval:org.secpod.oval:def:205384 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index updates in IndexedDB * Mozilla: Potentially exploita ... oval:org.secpod.oval:def:59325 The host is missing a critical security update according to Mozilla advisory, MFSA2019-34. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to steal stored passwords. oval:org.secpod.oval:def:205385 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index upda ... oval:org.secpod.oval:def:59326 The host is missing a critical security update according to Mozilla advisory, MFSA2019-33. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to steal stored passwords. oval:org.secpod.oval:def:705251 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:59602 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:503442 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index updates in IndexedDB * Mozilla: Potentially exploita ... oval:org.secpod.oval:def:70197 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:205382 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index upda ... oval:org.secpod.oval:def:503368 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index upda ... oval:org.secpod.oval:def:59318 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. oval:org.secpod.oval:def:205389 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index updates in IndexedDB * Mozilla: Potentially exploita ... oval:org.secpod.oval:def:1504386 [68.2.0-4.0.1] - fix LD_LIBRARY_PATH - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one [68.2.0-4] - Added patch for TLS 1.3 support. [68.2.0-3] - Rebuild [68.2.0-2] - Rebuild [68.2.0-1] - Update to 68.2.0 ESR [68.1.0-6] - Enable system nss on RHEL6 [68.1.0-2] - Enable bu ... oval:org.secpod.oval:def:604575 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service. Debian follows the extended support releases of Firefox. Support for the 60.x series has ... oval:org.secpod.oval:def:89050847 This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox: Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library . - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB . - CVE-2019-1175 ... oval:org.secpod.oval:def:705443 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:1502706 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502707 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:66767 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index updates in IndexedDB * Mozilla: Potentially exploita ... oval:org.secpod.oval:def:1502704 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502705 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:503371 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index updates in IndexedDB * Mozilla: Potentially exploita ... oval:org.secpod.oval:def:70145 thunderbird - Mozilla Open Source mail and newsgroup client. Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:59434 The host is missing a critical security update according to Mozilla advisory, MFSA2019-35. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:503372 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index updates in IndexedDB * Mozilla: Potentially exploita ... oval:org.secpod.oval:def:59435 The host is missing a critical security update according to Mozilla advisory, MFSA2019-35. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to crash the service. oval:org.secpod.oval:def:503370 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index upda ... oval:org.secpod.oval:def:503375 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.2.0 ESR. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 * Mozilla: Use-after-free when creating index upda ... oval:org.secpod.oval:def:59332 Mozilla Firefox 70, Mozilla Firefox ESR 68.2 and Mozilla Thunderbird 68.2: If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. oval:org.secpod.oval:def:59311 The host is missing a critical security update according to Mozilla advisory, MFSA2019-34. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to steal stored passwords. oval:org.secpod.oval:def:59312 The host is missing a critical security update according to Mozilla advisory, MFSA2019-33. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to steal stored passwords. oval:org.secpod.oval:def:68072 thunderbird - Mozilla Open Source mail and newsgroup client. Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:89043994 This update contains the Mozilla Firefox ESR 68.2 release. Mozilla Firefox was updated to ESR 68.2 release: * Enterprise: New administrative policies were added. More information and templates are available at the Policy Templates page. * Various security fixes: MFSA 2019-33 * CVE-2019-15903: Heap ... oval:org.secpod.oval:def:69787 Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service. Debian follows the Thunderbird upstream releases. Support for the 60.x series has ended, so starting with this update we"re now following the 68.x releases. oval:org.secpod.oval:def:69788 DSA 4571-1 updated Thunderbird to the 68.x series, which is incompatible with the Enigmail release shipped in Debian Buster. oval:org.secpod.oval:def:1700287 Several memory safety bugs were discovered in Mozilla Firefox and Thunderbird. Memory corruption and arbitrary code execution are possible with these vulnerabilities. These bugs can be exploited over the network.A flaw was discovered in both Firefox and Thunderbird where 4 bytes of a HMAC output cou ... |