[SECURITY] [DLA 3521-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3521-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Tue, 8 Aug 2023 12:13:27 +0200 (CEST)
Message-id: <[🔎] 20230808101328.034DD2ABF35@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3521-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
August 08, 2023                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:102.14.0-1~deb10u1
CVE ID         : CVE-2023-4045 CVE-2023-4046 CVE-2023-4047 CVE-2023-4048
                 CVE-2023-4049 CVE-2023-4050 CVE-2023-4055 CVE-2023-4056

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For Debian 10 buster, these problems have been fixed in version
1:102.14.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmTSFUUACgkQnUbEiOQ2
gwIoKxAAv0+1cMbWEsz1anfpAeUT1yyKJEEuuezxFRcsQ+R7/+p8jkcivvbFX+q7
l0I1NFwPqvQKmCaFY29q6X6xSgOP5fgMVwR5lO4JAkOblxmtennA98TjxSxC4Fd1
HMIP8HVZQBkN65OfvCPr7HTyN1ey8NXivwWECewA84Jrr7QPo/JN2k5zuTuH/WUY
WYaiSEEt5eNuG906uTo0tohsTTbtN4OikVhT7B5oiYXmPaT4F0AYP2qfsCbTh1vW
HfVbI2qeO7oxJqvQZVGG+dbw4T3uw6T4/vZU/xB/a3cSq+/pKunqFNTX/Mcen4oK
DXSjnN2gz4SkpoJzLKPT/uOwwoykJ32qhq13qVgVwzMO/dVgN2spaeH8SG78smbr
zsoBYnLVI/hrg8GRwDTXsf3YF0ZHlQt/Jxxw9z87ILCCA+8mAdE/NF3qPvLgESrN
hG8uYduYYIV1sW0lQoERgxsjA5goGCWPfxuXJNdR5S43dpCoEgh8KwuSg2DOc6pO
hPxR3KUVxrqy4lfdY57PBCPYLRqLZITmYn1qvr300FDg53D0IZwPE4B6nV/9MOiX
JRc8EiF2k26j3KIwZ0jmJToJwoV72rW7cd8LNWWKlsmBcqQVz7U1/0Y+ZCikCZBP
ezKGqOFBUZH4LSWTHevNF0i6/LJsXc6k5qeDPuoD7hpmnFtEGkQ=
=mg8A
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3520-1] libhtmlcleaner-java security update
Next by Date: [SECURITY] [DLA 3522-1] hdf5 security update
Previous by thread: [SECURITY] [DLA 3520-1] libhtmlcleaner-java security update
Next by thread: [SECURITY] [DLA 3522-1] hdf5 security update
Index(es):
- Date
- Thread