[SECURITY] [DLA 3324-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3324-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Mon, 20 Feb 2023 09:15:05 +0100 (CET)
Message-id: <[🔎] 20230220081505.A3B352A0078@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3324-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
February 20, 2023                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:102.8.0-1~deb10u1
CVE ID         : CVE-2022-46871 CVE-2022-46877 CVE-2023-0430 CVE-2023-0616
                 CVE-2023-0767 CVE-2023-23598 CVE-2023-23601 CVE-2023-23602
                 CVE-2023-23603 CVE-2023-23605 CVE-2023-25728 CVE-2023-25729
                 CVE-2023-25730 CVE-2023-25732 CVE-2023-25735 CVE-2023-25737
                 CVE-2023-25739 CVE-2023-25742 CVE-2023-25744 CVE-2023-25746

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For Debian 10 buster, these problems have been fixed in version
1:102.8.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmPzLAYACgkQnUbEiOQ2
gwLu/BAAimY8kGqQIzG0jlBA/SlterHZ5t1oPk77eCWwEMnRQCxDyFcihoL348/x
OhuyEM3siuyVVqG20PTKeJNM4paYiw0jMoHw8OE3aaSkkM9myX/Wk2YM25p48nx4
ikFTTPCCzTJF/GnMxr9tH7G7++DiZDnzqUEWUQ98ellED1zbqC4DsRY5FUKOh835
9w+4BdMeEZks04kAmAHeqJj52ktPrgd1nEMuSsSrKvDnkZU6vmr+Hj8mhMpfOIF5
drDKPA5uiLUo4EtxOaRD+gNySA6e/wdtXXPI/utM1H5mq10eP4SNAcyl5BcEtQPE
JkiZ/F3yPTjMpcvYFOo7aOPEgV3KpiUxublPTURF6wll2vx+GIt4mymu0uJq3swN
dKhnVdrs/wbewa9EFuuJGDH3FuErU09MU/3sAMUhGpUhVfgp+290qbpaN/XusshW
gFfNRIhGHhufSfUmdNofmPYSLOQ5aB05Lu8Lwjtgj8EU0GhGvZusFxyXt3ismfLl
bgGLOdQDQmSDCgGV5bQnoZ/4vbTX7IBZ0MTBOlXAeoYDa3vKAmUY90/aCwhNK+5w
GdLkQ9QA7Kz/kwqyyIZgGzySH3fBReLwizGDS9Jhcm6CJKahIiqmLivI4164SLsH
gCpCI3z2/aVy54yAYxLzDA496i8fmpkN3JhaH+f8AENsSqKF/x8=
=hSUP
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3323-1] c-ares security update
Next by Date: [SECURITY] [DLA 3325-1] openssl security update
Previous by thread: [SECURITY] [DLA 3323-1] c-ares security update
Next by thread: [SECURITY] [DLA 3325-1] openssl security update
Index(es):
- Date
- Thread