Debian Security Advisory
DSA-2499-1 icedove -- several vulnerabilities
- Date Reported:
- 24 Jun 2012
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2012-1937, CVE-2012-1939, CVE-2012-1940.
- More information:
Several vulnerabilities have been discovered in Icedove, the Debian version of the Mozilla Thunderbird mail/news client. There were miscellaneous memory safety hazards (CVE-2012-1937, CVE-2012-1939) and a use-after-free issue (CVE-2012-1940).
For the stable distribution (squeeze), these problems have been fixed in version 3.0.11-1+squeeze11.
We recommend that you upgrade your icedove packages.