[SECURITY] [DLA 3123-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3123-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Tue, 27 Sep 2022 23:09:23 +0200 (CEST)
Message-id: <[🔎] 20220927210923.5C35E2A0FEF@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3123-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
September 27, 2022                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:102.3.0-1~deb10u1
CVE ID         : CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959
                 CVE-2022-40960 CVE-2022-40962

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

Debian follows the Thunderbird upstream releases. Support for the 91.x
series has ended, so starting with this update we're now following the
102.x series.

For Debian 10 buster, these problems have been fixed in version
1:102.3.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmMzZoAACgkQnUbEiOQ2
gwIntA/+PLBWhnCnJ6qXpqOnsEsJ/Xny2wW6cgaReEhDPWI3i+6dwr2GbLhhT5SL
AibpPC0IiAGl3/6h3b9hQIX9Oyih2Y6j0bVBU1xG+G5MW1+MaKdT5j52PHfDLquh
CJ2COBEeDaekrjAmrk5JuJIhw/R5T8VLOOsmuk4NoDoLWLhz8uaSZCUBLmv5yTRe
h3U/gv4m8N8ww7ukYL7sh1owIr7MGVAWAtLZuHkpUarkVl3lBrb214rofpLIoMHy
ibjzEo/mlRjz2RcLP+G9NZtKswDsrE3jJNfyYwuuvqvVxUTooyFTP0vXFu4HUGKa
7yUSqm5zwypZEvA/Eax8u9CsXO/7mlV2SKJ83+MpAwWbE/qcQBFFxP68WvI5CfRY
zG4Aqo9H2Whc+qH2TIPfN5OAwVKbDqsGA1Q/6Pr2MHvSBQxqsHGCb6Buqb7HwuIh
ZncjR7hVeo1R/t9U6V7w5tPvBXFjbC8PQJdbfydmi549A61AVipKQhb3owEFF1yf
lkXcDRqiEbEyV6NHnE0TANsknMoJcW05MVEJ4aK73SCxluKRGw5oNvaYzEhSOxpc
RxZxkdcfFPMhDIK4xxG98limjjy+1kwVaz6xaRffQQMlS4z/KfVARTE2p3hd2Cnq
fBK11nLYxljZpNbO+r2sZO3ot14GXZP7Ihb1YkRY+GxmRtywvIg=
=Tgev
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3122-1] dovecot security update
Next by Date: [SECURITY] [DLA 3124-1] webkit2gtk security update
Previous by thread: [SECURITY] [DLA 3122-1] dovecot security update
Next by thread: [SECURITY] [DLA 3124-1] webkit2gtk security update
Index(es):
- Date
- Thread