[SECURITY] [DLA 3020-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3020-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Mon, 23 May 2022 09:46:38 +0200 (CEST)
Message-id: <[🔎] 20220523074638.C62DD2A44D9@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3020-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
May 23, 2022                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:91.9.0-1~deb9u1
CVE ID         : CVE-2022-1520 CVE-2022-29909 CVE-2022-29911 CVE-2022-29912
                 CVE-2022-29913 CVE-2022-29914 CVE-2022-29916 CVE-2022-29917

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For Debian 9 stretch, these problems have been fixed in version
1:91.9.0-1~deb9u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmKLO9oACgkQnUbEiOQ2
gwJjuRAAlE3S+0kXCC/xAnYuCINJFilG9S7e0tWHPHzoKwpGwg4Bz5cVSeS6HqKT
iALHp/EFsk60LfVPxNie6GlK5Jw+nlFfprdSjJC8na+5oMofADlur2c/qW7SLvGW
v28SfINYkKOPGKVkb3uLtHG/YAocvSpU9ZGyCCL+EGf5hhlGB4wwuQrzSJsLXFDI
dwPPGYboowW4CNDozn8cehFzJkbjl0xXZURf/ir83xzO0DR54o5TECzB28JarmNt
ITXArGyiq95/s0/JmZaaYEvnYSemJvLKxhbHCOktwyLDcwEVc/bLH3JbUCsPVRHc
bXm4ktHbxRUknFvTDKolxX2UzTlMJ6vi3C2lUHxScf7Hyddezsv0vmIRLq96ANs8
b9AAygOCyDSx65vmfulNAXRkzNxz/jalVeinTel1XJcgG/JeCmOg/UFOJWrwKlyR
aIlm0gH0VNA9E1x3u4SDgybxa09ccPM83hucxRL/RgN6BxzuWHZ7b0i7JOKnJuM8
cRtRxGiP0aRXXlczY6QaYEJRDqrePB3XkFcrrEr8yMnqzLBIsLgRcIGTaJQjgvHC
daTjDa5Az37IOo8W9Nwe7xfcguFku+tZHWRiIu8Hzs6pmHXFb8N902y6ouEwfrqf
8wdNXh7sjqX3mEjqGMxeveF/WdDKIkzxq3wWRNTtUG/Apjy034I=
=rYM3
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3019-1] admesh security update
Next by Date: [SECURITY] [DLA 3021-1] firefox-esr security update
Previous by thread: [SECURITY] [DLA 3019-1] admesh security update
Next by thread: [SECURITY] [DLA 3021-1] firefox-esr security update
Index(es):
- Date
- Thread