[SECURITY] [DLA 2541-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 2541-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Tue, 2 Feb 2021 13:34:12 +0100 (CET)
Message-id: <[🔎] 20210202123412.94C142A1B1C@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2541-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
February 02, 2021                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:78.7.0-1~deb9u1
CVE ID         : CVE-2020-15685 CVE-2020-16044 CVE-2020-26976 CVE-2021-23953
                 CVE-2021-23954 CVE-2021-23960 CVE-2021-23964

Multiple security issues have been found in Thunderbird, which may lead
to the execution of arbitrary code, denial of service or an information
leak.

For Debian 9 stretch, these problems have been fixed in version
1:78.7.0-1~deb9u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmAZRsQACgkQnUbEiOQ2
gwLjbg//YWq3fe7BbcsYHcWbuz08ZfJl3fno71BO1W3Zu8l8h1B1YiDsl6AcyUZ4
2tGB/8RjELQD3z3ef/0a53BC9xB7RrqDTXHauovkO8FN7pHX0Nk9mSFk3QHal8da
KY7AG0Fbt1S4TWJHihZHWMdxLpnubBqAzZNzpzzqehtZIKB3MDlbtd2jUB2XwUGN
OxbcS1KPvPHq2cwzuhBss9StIRUEuWQEKSk7BM+b5Ts0LXhZPzzIfDrWsprtVxMk
eHyQm+PS99UP/aFE6LF8t6A9o3gS/tulYZjg4XNunsIaE9+sZS0HGDWrBhR7JgYs
KX2aQGkyS5U9fvgw4rg0QFCsiSCWBPNc7lk8Mm53wtDCI6xrTaPOGz5LlfsuSdF7
+Qj3b/6sQv4l66TQbrEKz0/8rBjsVHplE4YjX/0aD7cRvg1/rkayCOe9Y6eParDX
fSHoKl9cLzKi2rniwbbx57DzL4cktKri2EvMo2TDDeoy3xKRFd2rhzFn3CJoXix2
ug7vaTPVfa+8xKNMoIycXcKfhWp7lFm0CVDWCF6zOqpW4oKN51asCqY4uL+BA9wW
CUaaHExNlbYk04iBOUdT6UYWndJRT7StgjMA7uKYum3MZMnvXqr3Jar5oTUts5C/
nLeXwU5FSrGmyW47O0iR5bHFDxvTo2vOYAZQy3FylPDDP3Xpk9E=
=qsaG
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2539-1] firefox-esr security update
Next by Date: [SECURITY] [DLA 2542-1] tzdata new upstream version
Previous by thread: [SECURITY] [DLA 2539-1] firefox-esr security update
Next by thread: [SECURITY] [DLA 2542-1] tzdata new upstream version
Index(es):
- Date
- Thread