Emacs24 and Firefox ESR updates for Debian

Debian 10391 Published by

Debian GNU/Linux has been updated with two security updates: Emacs24 for Debian 8 and 9 and Firefox ESR for Debian 12

ELA-1340-1 emacs24 security update
DSA 5874-1] firefox-esr security update




ELA-1340-1 emacs24 security update


Package : emacs24

Version : 24.4+1-5+deb8u6 (jessie), 24.5+1-11+deb9u6 (stretch)

Related CVEs :
CVE-2022-45939
CVE-2024-53920
CVE-2025-1244

Multiple problems were discovered in GNU Emacs, the extensible, customisable,
self-documenting real-time display editor.

CVE-2022-45939
Improper use of the system C library function in Emacs’s implementation of
the ctags program could permit shell metacharcater injection when used on
untrusted input source code.

CVE-2024-53920
Several ways to trigger arbitrary code execution were discovered in Emacs’s
support for editing files in its own dialect of Lisp. These include arbitrary
code execution upon opening an otherwise innocent-looking file, with any (or
no) file extension, for editing.

CVE-2025-1244
Improper handling of custom ‘man’ URI schemes could allow an attacker to
execute arbitrary shell commands by tricking users into visiting a specially
crafted website, or an HTTP URL with a redirect.


ELA-1340-1 emacs24 security update



[SECURITY] [DSA 5874-1] firefox-esr security update


- -------------------------------------------------------------------------
Debian Security Advisory DSA-5874-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 05, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : firefox-esr
CVE ID : CVE-2024-43097 CVE-2025-1931 CVE-2025-1932 CVE-2025-1933
CVE-2025-1934 CVE-2025-1935 CVE-2025-1936 CVE-2025-1937
CVE-2025-1938

Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code.

For the stable distribution (bookworm), these problems have been fixed in
version 128.8.0esr-1~deb12u1.

We recommend that you upgrade your firefox-esr packages.

For the detailed security status of firefox-esr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firefox-esr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Kernel, Redis, GPAC updates for Ubuntu

Firefox and Podman updates for SUSE

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...