[Pkg-mozext-maintainers] Bug#1107607: bookworm-pu: package ublock-origin/1.62.0+dfsg-0+deb12u1
Markus Koschany
apo at debian.org
Tue Jun 10 16:47:25 BST 2025
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org at packages.debian.org
Usertags: pu
X-Debbugs-Cc: ublock-origin at packages.debian.org, apo at debian.org
Control: affects -1 + src:ublock-origin
[ Reason ]
Backport a new upstream version of ublock-origin (browser addon) to
improve user experience and ad filter capabilities.
Fix CVE-2025-4215:
A remote attacker could abuse an inefficient regular expression in
ublock-origin's filters to cause a denial-of-service and freeze a web
browser.
[ Impact ]
Reduced ad filter capabilities and still vulnerable to CVE-2025-4215.
[ Tests ]
Using it on a daily basis without any problems.
[ Risks ]
The web browser addon does not affect other packages and runs in a
sandbox. Previous stable updates have been unproblematic.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[ ] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Other info ]
The debdiff is rather huge and not attached because of the introduction of a new
upstream version.
More information about the Pkg-mozext-maintainers
mailing list