Package: firefox Version: 72.0-1 Severity: important Tags: upstream Dear Maintainer,
As I mention in the title, firefox was updated to 72.0.1 today, just 1 day after the release of 72.0, in order to close cve-2019-17026. Here is the relevant post from mozilla https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/ -- Package-specific info: -- Extensions information Name: Amazon.com Location: /usr/lib/firefox/browser/omni.ja Package: firefox Status: enabled Name: Bing Location: /usr/lib/firefox/browser/omni.ja Package: firefox Status: enabled Name: Dark theme Location: /usr/lib/firefox/browser/omni.ja Package: firefox Status: user-disabled Name: Default theme Location: /usr/lib/firefox/omni.ja Package: firefox Status: enabled Name: DoH Roll-Out Location: /usr/lib/firefox/browser/features/doh-roll...@mozilla.org.xpi Package: firefox Status: enabled Name: DuckDuckGo Location: /usr/lib/firefox/browser/omni.ja Package: firefox Status: enabled Name: Firefox Screenshots Location: /usr/lib/firefox/browser/features/screensh...@mozilla.org.xpi Package: firefox Status: enabled Name: Form Autofill Location: /usr/lib/firefox/browser/features/formautof...@mozilla.org.xpi Package: firefox Status: enabled Name: Google Location: /usr/lib/firefox/browser/omni.ja Package: firefox Status: enabled Name: Light theme Location: /usr/lib/firefox/browser/omni.ja Package: firefox Status: user-disabled Name: PlayThis Location: ${PROFILE_EXTENSIONS}/playt...@anxdpanic.xpi Status: enabled Name: Twitter Location: /usr/lib/firefox/browser/omni.ja Package: firefox Status: enabled Name: uBlock Origin Location: ${PROFILE_EXTENSIONS}/ublo...@raymondhill.net.xpi Status: enabled Name: Video DownloadHelper Location: ${PROFILE_EXTENSIONS}/{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi Status: enabled Name: Web Compat Location: /usr/lib/firefox/browser/features/webcom...@mozilla.org.xpi Package: firefox Status: enabled Name: WebCompat Reporter Location: /usr/lib/firefox/browser/features/webcompat-repor...@mozilla.org.xpi Package: firefox Status: user-disabled Name: Wikipedia (en) Location: /usr/lib/firefox/browser/omni.ja Package: firefox Status: enabled -- Plugins information Name: Shockwave Flash (32.0.0.293) Location: /usr/lib/flashplayer-mozilla/libflashplayer.so Package: flashplayer-mozilla Status: disabled -- Addons package information ii firefox 72.0-1 amd64 Mozilla Firefox web browser ii flashplayer-mozilla 3:32.0.0.293-dmo1 amd64 Adobe Flash Player -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.4.0-2-amd64 (SMP w/2 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages firefox depends on: ii debianutils 4.9.1 ii fontconfig 2.13.1-2+b1 ii libatk1.0-0 2.34.1-1 ii libc6 2.29-7 ii libcairo-gobject2 1.16.0-4 ii libcairo2 1.16.0-4 ii libdbus-1-3 1.12.16-2 ii libdbus-glib-1-2 0.110-5 ii libevent-2.1-7 2.1.11-stable-1 ii libffi6 3.2.1-9 ii libfontconfig1 2.13.1-2+b1 ii libfreetype6 2.10.1-2 ii libgcc1 1:9.2.1-22 ii libgdk-pixbuf2.0-0 2.40.0+dfsg-2 ii libglib2.0-0 2.62.4-1 ii libgtk-3-0 3.24.13-1 ii libnspr4 2:4.24-1 ii libnss3 2:3.48-1 ii libpango-1.0-0 1.42.4-7 ii libsqlite3-0 3.30.1+fossil191229-1 ii libstartup-notification0 0.12-6 ii libstdc++6 9.2.1-22 ii libx11-6 2:1.6.8-1 ii libx11-xcb1 2:1.6.8-1 ii libxcb-shm0 1.13.1-2 ii libxcb1 1.13.1-2 ii libxcomposite1 1:0.4.4-2 ii libxdamage1 1:1.1.5-1 ii libxext6 2:1.3.3-1+b2 ii libxfixes3 1:5.0.3-1 ii libxrender1 1:0.9.10-1 ii libxt6 1:1.1.5-1+b3 ii procps 2:3.3.15-2+b1 ii zlib1g 1:1.2.11.dfsg-1+b1 Versions of packages firefox recommends: ii libavcodec58 10:4.2.2-dmo1 Versions of packages firefox suggests: pn fonts-lmodern <none> pn fonts-stix | otf-stix <none> ii libcanberra0 0.30-7 ii libgssapi-krb5-2 1.17-6 ii libgtk2.0-0 2.24.32-4 pn pulseaudio <none> -- no debconf information
