OpenJDK, Thunderbird, Firefox-ESR updates for Debian

Debian 10360 Published by

Debian GNU/Linux has been updated with multiple security enhancements, which include updates for openjdk-17, Thunderbird, and Firefox ESR for Debian 11 LTS, and a Thunderbird update for Debian 12:

[DLA 4043-1] openjdk-17 security update
[DLA 4045-1] thunderbird security update
[DLA 4044-1] firefox-esr security update
[DSA 5860-1] thunderbird security update




[SECURITY] [DLA 4043-1] openjdk-17 security update


- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4043-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
February 07, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : openjdk-17
Version : 17.0.14+7-1~deb11u1
CVE ID : CVE-2025-21502

A vulnerability has been discovered in the OpenJDK Java runtime, which
may result in authorisation bypass or information disclosure.

For Debian 11 bullseye, this problem has been fixed in version
17.0.14+7-1~deb11u1.

We recommend that you upgrade your openjdk-17 packages.

For the detailed security status of openjdk-17 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openjdk-17

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4045-1] thunderbird security update


- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4045-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
February 07, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : thunderbird
Version : 1:128.7.0esr-1~deb11u1
CVE ID : CVE-2024-11704 CVE-2025-1009 CVE-2025-1010 CVE-2025-1011
CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1016
CVE-2025-1017

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.

For Debian 11 bullseye, these problems have been fixed in version
1:128.7.0esr-1~deb11u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4044-1] firefox-esr security update


- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4044-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
February 07, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : firefox-esr
Version : 128.7.0esr-1~deb11u1
CVE ID : CVE-2024-11704 CVE-2025-1009 CVE-2025-1010 CVE-2025-1011
CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1016
CVE-2025-1017

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code.

For Debian 11 bullseye, these problems have been fixed in version
128.7.0esr-1~deb11u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DSA 5860-1] thunderbird security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5860-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 07, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : thunderbird
CVE ID : CVE-2024-11704 CVE-2025-0510 CVE-2025-1009 CVE-2025-1010
CVE-2025-1011 CVE-2025-1012 CVE-2025-1013 CVE-2025-1014
CVE-2025-1015 CVE-2025-1016 CVE-2025-1017

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.

For the stable distribution (bookworm), these problems have been fixed in
version 1:128.7.0esr-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Python, OpenSSL, Go, Bind updates for SUSE

Windows Package Manager 1.10.280 released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...