[SECURITY] [DSA 4075-1] thunderbird security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 4075-1] thunderbird security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Fri, 29 Dec 2017 22:58:19 +0100
Message-id: <[🔎] 20171229215819.zvw4dut3jur5dnpr@pisco.westfalen.local>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4075-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
December 29, 2017                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2017-7826 CVE-2017-7828 CVE-2017-7829 CVE-2017-7830 
                 CVE-2017-7846 CVE-2017-7847 CVE-2017-7848

Multiple security issues have been found in Thunderbird, which may lead
to the execution of arbitrary code, denial of service, information
disclosure or spoofing of sender's email addresses.
 
For the oldstable distribution (jessie), these problems have been fixed
in version 1:52.5.2-2~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 1:52.5.2-2~deb9u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlpGreAACgkQEMKTtsN8
TjYLpg/+PFr7jhunHIKKPL9oOeAlH7MkX4KKJmn0I/M+zuwDfiV5OL2vvdZmKIlc
iT9gAVzlUt9kMtk69JhCfO7ieudjtKCeDCKNuzEHHVM46fZDsVQcxVnsWpscoPd1
CONu0exPt7SWpTLL2jl97+BidJq7D64807USDCx0FuDXjr6v3bCYodjTiGIXvrfF
oa6Xn5gZQLS/GvdoS83opY1AltNG7mdRY4b/q3qyJ1uYLT2q+63VFsis9FKVccCz
PACddLJCiI1cQ3CAO5imO36jlckCw50G3cL0x9lj6xKnh6pI/rUhdWZIw1B2XqlO
ntxCXED5Ch/7DxmrvPJNmPLJUMwFxOObr6xVtIChbVOgsKib0ySKYswxTOTv5ABD
toheIp0tqr2asrP7ETjqmIocuDFULE24KM4F1hu8fjplmwL7lTTMf6kS4VpJjf4A
ZjqDsakXVoWOwrJRsehzphPnbECCwuJSi9yWtSSJ5IrBLIl41pEOJIOYZ4B9EGbp
eD8dzIhn2oreBWeRPIOshq+w1NNKhn3FDZHeNr16R2djU2h3osWlJIELo3+9TbVd
AEaLYdd7uJ0KR5Qgwrm4uxs2Y5W9K1JUOSN+yk0MjXtyzFjxUVCA8541A1iVMTyl
/3O0I977R4jp41fgUCfaOK0Jkelsk7V061eeFNiefENWGkdjQOk=
=hPX0
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 4074-1] imagemagick security update
Next by Date: [SECURITY] [DSA 4076-1] asterisk security update
Previous by thread: [SECURITY] [DSA 4074-1] imagemagick security update
Next by thread: [SECURITY] [DSA 4076-1] asterisk security update
Index(es):
- Date
- Thread