[SECURITY] [DLA 3510-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3510-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Mon, 31 Jul 2023 09:37:11 +0200 (CEST)
Message-id: <[🔎] 20230731073711.ED9B32ADACC@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3510-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
July 31, 2023                                 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:102.13.1-1~deb10u1
CVE ID         : CVE-2023-3417

A security issue was discovered in Thunderbird, which could result in
spoofing of filenames of email attachments.

For Debian 10 buster, this problem has been fixed in version
1:102.13.1-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmTHZKUACgkQnUbEiOQ2
gwLMDBAAviOOfb2MzHyw8b0q0veSXJbTo9PF9dgyfFiRxlo9LnQAvCeubgoCMx+9
MNSGczjUDzlHD/Rys8wbDH+IHl2R8krwnXh4Gb0DHtcj6EvyPYuwBsdm1C7wu21d
R3WvTJbj+DEQHB9iztf5nsxQnqJasNbyia8DHoMW/Yg3H16Pl4Qg1qgClZsityVB
PEi8xz4t7rsYz9yP5WN+nRz+7KeYkw3IEStbEMgvaTgKo2TfRv7RnI3YDJ6ePFTc
e5o/SwRZ4Uvr89YBYmwh+UZBO/i1LI6BORXCB/GtT3HNkVSCDZWW+QNhq48ooYQO
p3atiiEDZp1+UIlCRpoU241SxYVOakx/SGmJkOkfvVJsDZ0HVyKX7vV++R9QRWbZ
NIionBWOdDMhjp2fHJB3fyNmdrxmWpQF2BBnsp8D48MVwNRD26EafREsqudJWX85
WofuW2pVIZNbt3236s0cqXeDeVsS8yJa20mJ1TrdkL1WEx/h4rQBSx7EaEIWkmIs
wYMQeIlW2Jt9qpJFxjfdMi84xpjnRjCPu9neel56E1oRzJjm2fGSw4RoIub4pc0q
8kbPrI8vag3NcZfi79jOMifV0GmU9s38DHZZEG2BYApEyQkpckZ0axv8lxFdyS6l
Pq+ByP53oS6GhYYJMhra7z4dz8m/KxcxZRcElD8WN0Qxgi3QTso=
=8R8B
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3509-1] libmail-dkim-perl update
Next by Date: [SECURITY] [DLA 3511-1] amd64-microcode security update
Previous by thread: [SECURITY] [DLA 3509-1] libmail-dkim-perl update
Next by thread: [SECURITY] [DLA 3511-1] amd64-microcode security update
Index(es):
- Date
- Thread