| Name | DSA-6101-1 |
| Description | firefox-esr - security update |
| Source | Debian |
| References | CVE-2025-14327, CVE-2026-0877, CVE-2026-0878, CVE-2026-0879, CVE-2026-0880, CVE-2026-0882, CVE-2026-0883, CVE-2026-0884, CVE-2026-0885, CVE-2026-0886, CVE-2026-0887, CVE-2026-0890, CVE-2026-0891 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| firefox-esr (PTS) | bookworm | 128.14.0esr-1~deb12u1 | vulnerable |
| bookworm (security) | 140.7.0esr-1~deb12u1 | fixed |
| trixie | 140.4.0esr-1~deb13u1 | vulnerable |
| trixie (security) | 140.7.0esr-1~deb13u1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| firefox-esr | source | bookworm | 140.7.0esr-1~deb12u1 | | | |
| firefox-esr | source | trixie | 140.7.0esr-1~deb13u1 | | | |