Errata overview
Errata ID 231
Date 2018-09-12
Source package firefox-esr
Fixed in version 60.2.0esr-1~deb9u2
Description 
This update addresses the following issues:
* Anonymity feature bypass via crafted web site (CVE-2017-16541)
* Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
  (CVE-2018-12376)
* Use-after-free in driver timers (CVE-2018-12377)
* Use-after-free in IndexedDB (CVE-2018-12378)
* Out-of-bounds write with malicious MAR file (CVE-2018-12379)
Additional notes
CVE ID CVE-2017-16541
CVE-2018-12376
CVE-2018-12377
CVE-2018-12378
CVE-2018-12379
UCS Bug number #47775