[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 3432-1] icedove security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3432-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 01, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icedove
CVE ID         : CVE-2015-7201 CVE-2015-7205 CVE-2015-7212 CVE-2015-7213 
                 CVE-2015-7214

Multiple security issues have been found in Icedove, Debian's version of
the Mozilla Thunderbird mail client: Multiple memory safety errors,
integer overflows, buffer overflows and other implementation errors may
lead to the execution of arbitrary code or denial of service.

For the oldstable distribution (wheezy), these problems have been fixed
in version 38.5.0-1~deb7u1.

For the stable distribution (jessie), these problems have been fixed in
version 38.5.0-1~deb8u1.

For the testing distribution (stretch), these problems have been fixed
in version 38.5.0esr-1.

For the unstable distribution (sid), these problems have been fixed in
version 38.5.0esr-1.

We recommend that you upgrade your icedove packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWhnMUAAoJEBDCk7bDfE42eqQP/2cgxDVRgerMGZoV7mCPe7fw
8ROks89DP83RWQC+OMXgV4FsB4EdUEQuBs9Dytkd22V/iljk5pUsdD1OR6NK2iPX
yihL29PkQmYKdF5RoWRvB9e702Atkhd2IeAknxC9LHeCxize/2+8dMmDHTRzx9t1
xeXNR3teeAq0ugNtYoSmvGqC+rSpVyqEYFekwK0mwJx+sPPrEv9LoqJod2AoEExj
VYXdQgxBLgjQFko6tm/8wB1EUGCLAwL/LxJ5Anse99uLJcqGWkVfhp/xNcl9APuP
uAqlebmocNJwTpAdzftiLFZxvcDr9r3e2JIMWxbu3YK5+3H+QQu2SjXhw5WX8kqG
qqK0c3Ic/sBGCkU8Jf4A1Xc4qPWRmLk0Hvvn/9h0+S52Yu3P+jVL8WHBMC5TUyXA
2go4McN3EPq0Bf7BuZDM/+WSISNp5Y5IuMK/OgVSch2+gOPecdmvAerkmrw/IAd1
sL7LJ+PW47SWqrGBGyR3epORAxgdzhkC04RkoZ3dlIGmr4/MqJOjBp16T6+3y34T
8atRL5msIUTZtbJh6+bJG4iq8e34bk/Pq17T86lewkholTBwrT2QjobGsmAk799f
EpX0YOlP8M9KfsXR+7jzXoT+qfBAWIGy12ReAeT+NjuUXQxjEqODQT1GKHrxgiBH
TRNH51ikuWPGhWa/LRRw
=lRoV
-----END PGP SIGNATURE-----


Reply to: