|
|
Log in / Subscribe / Register

Debian alert DSA-6148-1 (firefox-esr)



From:
              Moritz Muehlenhoff <jmm@debian.org>


To:
              debian-security-announce@lists.debian.org


Subject:
              [SECURITY] [DSA 6148-1] firefox-esr security update


Date:
              Wed, 25 Feb 2026 19:04:50 +0000


Message-ID:
              <aZ9H0r50Qa0J36g0@seger.debian.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6148-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 25, 2026                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : firefox-esr
CVE ID         : CVE-2026-2757 CVE-2026-2758 CVE-2026-2759 CVE-2026-2760 
                 CVE-2026-2761 CVE-2026-2762 CVE-2026-2763 CVE-2026-2764 
                 CVE-2026-2765 CVE-2026-2766 CVE-2026-2767 CVE-2026-2768 
                 CVE-2026-2769 CVE-2026-2770 CVE-2026-2771 CVE-2026-2772 
                 CVE-2026-2773 CVE-2026-2774 CVE-2026-2775 CVE-2026-2777 
                 CVE-2026-2778 CVE-2026-2779 CVE-2026-2780 CVE-2026-2781 
                 CVE-2026-2782 CVE-2026-2783 CVE-2026-2784 CVE-2026-2785 
                 CVE-2026-2786 CVE-2026-2787 CVE-2026-2788 CVE-2026-2789 
                 CVE-2026-2790 CVE-2026-2791 CVE-2026-2792 CVE-2026-2793

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code, sandbox escape, bypass of the same-origin policy, information
disclosure or privilege escalation.

For the oldstable distribution (bookworm), these problems have been fixed
in version 140.8.0esr-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in
version 140.8.0esr-1~deb13u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmmfQ2gACgkQEMKTtsN8
TjbSFRAAlXVgZScLxhjeSOUVB5cbjV+alTZvYyUuT/eqn+M+lEpFM3eSldXRBYus
7jkio2eYgKO/Qhzba813yyowi1LSgbHSm5ESQat226DXp+hyvTECa4IL2E9gR8QS
Vv1dW9bqX2Mcx0t5SFq+NaFcME8g7eVl804VsCKF3qKNYpyZjbLjE8jfIMO4FDAt
kOFKfN7oiQGRE/2N2hcxh/DnxyC59GySlwznVE90/8HGxUMHRlXlgBb6pYkGc0Lo
K43EpEEebQqDzu7SduGeVDdrZ8L8DJpIId4Ug6jS9keaoI0uo4TZVfOqh+ew/MUM
zaejiXjlIcXenwjYhzh0M08zp7mtv33xs1Fdjcj9qCHrD3S5IFUHkzqtnwKuyIPC
YDN4owOya0LtUgIPxScSFq9FrS1BQzoRX4+3EDWZTIzBbD+pDf5MOWPHU18twUqK
Wpg2qcx3cDR1CTbPocZrkYcaU78V3iLkZeRelVv06sXE3nZ816XHNs7waacU2Ue0
tJ0hNAzUND1IMrEO03p3zb+DnP04K8X7B/e/CzrbtcVy7TU/TiZFArQBuGhSFx79
ysg5wt5VkwtNrb91DVevTZcyu3OLRzcpAD8uzVoc5LIt4p8ZhMlZvlSbhicgs4ym
W92Zd8WOyBAEMABTldY5KX8EnZ8agx4j42L2BnXPCBqAHw8ta24=
=0INb
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds