ELA-1456-1 ublock-origin security update

denial of service

2025-06-12

Package	ublock-origin
Version	1.62.0+dfsg-0+deb9u2 (stretch), 1.62.0+dfsg-0+deb10u2 (buster)
Related CVEs	CVE-2025-4215

A flaw was found in ublock-origin, an efficient ads, malware and tracker blocker. A remote attacker could abuse an inefficient regular expression in ublock-origin’s filters to cause a denial-of-service and freeze a web browser.

For Debian 10 buster, these problems have been fixed in version 1.62.0+dfsg-0+deb10u2.

For Debian 9 stretch, these problems have been fixed in version 1.62.0+dfsg-0+deb9u2.

We recommend that you upgrade your ublock-origin packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.