DSA-6003-1

NameDSA-6003-1
Descriptionfirefox-esr - security update
SourceDebian
ReferencesCVE-2025-10527, CVE-2025-10528, CVE-2025-10529, CVE-2025-10532, CVE-2025-10533, CVE-2025-10536, CVE-2025-10537

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
firefox-esr (PTS)bookworm128.14.0esr-1~deb12u1vulnerable
bookworm (security)140.3.0esr-1~deb12u1fixed
trixie128.14.0esr-1~deb13u1vulnerable
trixie (security)140.3.0esr-1~deb13u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
firefox-esrsourcebookworm140.3.0esr-1~deb12u1
firefox-esrsourcetrixie140.3.0esr-1~deb13u1
Search for package or bug name: Reporting problems