-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3559-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff April 27, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : iceweasel CVE ID : CVE-2016-2805 CVE-2016-2807 CVE-2016-2808 CVE-2016-2814 Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. For the oldstable distribution (wheezy), these problems have been fixed in version 38.8.0esr-1~deb7u1. For the stable distribution (jessie), these problems have been fixed in version 38.8.0esr-1~deb8u1. For the unstable distribution (sid), these problems have been fixed in version 45.1.0esr-1 of the firefox-esr source package and version 46.0-1 of the firefox source package. We recommend that you upgrade your iceweasel packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXIPZTAAoJEBDCk7bDfE42/r0P/A/JFMsjlJ+Ftgr8sRtAaky9 BWnSVCYEWw4Kl1+ekCQzT8FXuxYn92F7A+sWkvhikz2cKNIbWZfBaFYIZvgRfpMx SYpoNiRWgnYEmVvSeyUSXmQAX1BN+oJUgZiouK+Z7kOjRd3KqS2mL6OxFax0Tr1y O3/zErTsSiiCLvUy+FBz717AlxskoXnjr+7cKIDAVJQ7EkxmAaDUGkQXsGTIWo+b mNPujnL/q9CEsG30wT3/qArkA9jRvtQrX2zP0J6kBRm8RZXIGOx0QqFTgk/CzjWH 9uSJBOa2otfj94YpltphKEUc4wmStzf4NbkspaD3VokKFTwjp/72F86q9EWmqAyd jAgwsrSZRmnCszaNC54HWV06AG/AafzC7Yj6M08vFwdtW/Ii4uG+W8duj5z0GFng 9/nJDDkE9SHLfmkM9KtqqRz4whv9Uvszjfo7FvCbgibc+N65zoDe7j0tgQ4Tu2KD gm5tO2NhYeGkplo2PU3zGyk7sEQpMWBr5ItLNEfLp4rM14h1VaYAXfkHknzBf1RE YSx1dIxeXOfC0UaKsOzXKc5X3Doaye8QYzWuo2+W6WyhAmdARcGEbxLY8QdEyK5M BRTNSNrVUjEjbi5rM+njw3ONVF78ReV2zKhAU3gKkyXscYM3SLu3h0aatrhHXcnp FUz/SHk/E+1hFUMR2yTG =/P9Q -----END PGP SIGNATURE-----