[SECURITY] [DLA 3242-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3242-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Thu, 15 Dec 2022 19:22:21 +0100 (CET)
Message-id: <[🔎] 20221215182221.D32872A1C78@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3242-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
December 15, 2022                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:102.6.0-1~deb10u1
CVE ID         : CVE-2022-46872 CVE-2022-46874 CVE-2022-46878 CVE-2022-46880
                 CVE-2022-46881 CVE-2022-46882

Multiple security issues have been found in Thunderbird, which could
potentially result in the execution of arbitrary code or information
disclosure.

For Debian 10 buster, these problems have been fixed in version
1:102.6.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmObZd0ACgkQnUbEiOQ2
gwJceA/8C+GXDvjz+3P1WGegsSNshM/+vVKPj4u1lbxVxQnPO+BQJG5RFRsNuGay
A82Fxqi5ZCVyJqjaD0CZwwPegxsYkedkt39Ft+xQPauuFL0zbMjMPKgCG4EYbkoW
AKNDie7YBgQkBt4CPnOszpSSUGcrZ6BtVRaOI4URqAYEPa6T7Z+5WPQpliJ3nRMo
3dRZ1hGK9yRzj3441xRI/6FG4c1S3/CniW4TBQYh3aHb1GkOeW3Ga5MsdqefFpCF
R0o5Q5CAZ+3JBq/9dLwlfatlh16vQv1QGN7+dx7uS/84FCe5xU09UWV2ligY9gu0
jtxzwJRl01amaKY2MmGYpBEDXi4kkJcMuB3hLCdPUbnlsS/KE9jidvNWGbCXWGCM
fCxPiHSQKmY5jSCl0dIkgMXR+vGkFoAFHaU9HcYRvVmjff/hAhD90CwXkWteERN2
Q5KxHhgb4XXausnJdRy+qidwxoB9nCP0GbTm3+ni+N5gEN5gb0B6+rt2UmQxG06V
oIKa99HczFGpsu3byjiLuRh+BJ+h1Hw5boHNj+FxqXv6szku5vjLxHASjPXIXvU1
i57It100CZNdYzSW66xYEvbVgNXOJKME1Y2YT6EVT1LUkVWBPL/fBSzOzMiEkpBl
Qp53sQQpUme2PdC5gVQVmTMC/yqdbXG0FjByJ5GuCB5UxgHfPMI=
=PmhM
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3241-1] firefox-esr security update
Next by Date: [SECURITY] [DLA 3243-1] php7.3 security update
Previous by thread: [SECURITY] [DLA 3241-1] firefox-esr security update
Next by thread: [SECURITY] [DLA 3243-1] php7.3 security update
Index(es):
- Date
- Thread