[SECURITY] [DLA 3365-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3365-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Mon, 20 Mar 2023 08:44:55 +0100 (CET)
Message-id: <[🔎] 20230320074455.6B3042AF47A@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3365-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
March 20, 2023                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:102.9.0-1~deb10u1
CVE ID         : CVE-2023-25751 CVE-2023-25752 CVE-2023-28162 CVE-2023-28164
                 CVE-2023-28176

Multiple security issues were discovered in Thunderbird, which could
result in denial of service, the execution of arbitrary code or
spoofing.

For Debian 10 buster, these problems have been fixed in version
1:102.9.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmQYDvUACgkQnUbEiOQ2
gwLWQQ//fh/z6T8vvT3s/oXaw7hu5n/veE5ephqDsBAXog3jBLu92ocALM3FBwoM
pUSS5kWlhE3j/DlXFFg+oTxoyF82g7I90ApRqFeRdpFnwDi47c3XYaumN4mKeAUj
ThX4NXityGV3zP2imVSk6EGkI3Vy8aCUhFa+ddx+Z41OQ7325H0a7e2Nnyy2CYxW
Fe2VW7ynNhbBAC0Rk31JXdtor4EZlJ5NuYf/4KrrscHcYlrIKpHZWa0nkg4hQeJv
kJReeEANzbNb03HHs2REDcZc5USRPGlSs/PXEwUTN3KMPqLZ4gKdI78TY9bU4kJO
YYTBph7PSKX4zTqGX2kOKqyPPfRB+B2l+34EtcK/EuAMcPrWILU23tECKsYqNODv
lJKF5WbCVxAmZu8QDd7BDVHwMAqb4lI1z0hgunV4uC0S4uom1S+QJ50yqOihwC/Z
YgEm5n2HmxQhNLGTnd66riIbOF3JzO2j/Odluszp3f/QYh3Rxo/C3Bw/QsyWCRAC
zaV3HvEub533Eb2jdMIQzd5FbLiIKYj3fP08AGpbUkPrlniJfsBr7H60YlE6p433
1Z1xlpuC8ByvNMD3kM5Gx4/e1LP8RGXvL5wEaV6tUvFgnnZrpIymK6Fn2i9asbMJ
iQQIN0OrTb9cYs0eZpagNOg6KiQw7qKCCxPkYNz2unSiqiKK9Ys=
=kMpx
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3357-2] imagemagick regression update
Next by Date: [SECURITY] [DLA 3315-2] sox regression update
Previous by thread: [SECURITY] [DLA 3357-2] imagemagick regression update
Next by thread: [SECURITY] [DLA 3315-2] sox regression update
Index(es):
- Date
- Thread