DSA-6236-1

NameDSA-6236-1
Descriptionfirefox-esr - security update
SourceDebian
ReferencesCVE-2026-7320, CVE-2026-7321, CVE-2026-7322, CVE-2026-7323

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
firefox-esr (PTS)bookworm128.14.0esr-1~deb12u1vulnerable
bookworm (security)140.10.1esr-1~deb12u1fixed
trixie140.8.0esr-1~deb13u1vulnerable
trixie (security)140.10.1esr-1~deb13u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
firefox-esrsourcebookworm140.10.1esr-1~deb12u1
firefox-esrsourcetrixie140.10.1esr-1~deb13u1
Search for package or bug name: Reporting problems