[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 4392-1] thunderbird security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4392-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 16, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2018-18356 CVE-2018-18500 CVE-2018-18501
                 CVE-2018-18505 CVE-2018-18509 CVE-2019-5785

Multiple security issues have been found in the Thunderbird mail client,
which could lead to the execution of arbitrary code, denial of service
or spoofing of S/MIME signatures.

For the stable distribution (stretch), these problems have been fixed in
version 1:60.5.1-1~deb9u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlxoOkAACgkQEMKTtsN8
TjbMIQ/+KWjjve5vJ/rRCfu4zHa6DA/7nqkP1cnFztJMoiWM2RcTLHWvqHJ7Xk9X
a6DDx7g4A15OpDd4PkJ3fMxb2rxycHbZp/bfuJl3daAlr7hQGWYXs0jQPl7/FXoe
234qKZN8Z/quk58qg2ThTI4Zm5f4FeTActzdVCIEfnoYhhp6z/ahyI6DffcsQCmR
kwJQ5uQzT2ynGTle6pXWrbhS5NhxbY6SrXRSJw5ZUdXtAkIzWtLZGL9aWW3kkGIF
DBw/xrbBgMJFzosgV9cYdPPPd1PolQbhEDOayx+63qSnE5aPrKZuNf6UyoKXZwsb
h5ITzVUMmJ/qCjeAzgiB+HQa1mQOYf2WgZeAXHjiHepTss7PouFLqw/wT6hZy2oh
k3AVXVOegzJMQ/HKAOAHPyFcK449TSG84qyROxixQfFC2vwrxBErnZQyBU50XbHC
AscIqCvlT4q4oQxID1+aLegd66eTPebCqSD9Z7oc5TY2WQLh2uqlqAD5gmjcBB1v
KF1x1y9ZZEEris7PIch0v/yqSUffeX7Wcef8h+qpvxB4KtSN0r2Qz2G2lFzMt6Em
M3zgoAOQvJWj33wNQm1Iy31v5OMqcRmFZbKQsG3IMdooIZCax3XiTOlpBJxW3zki
FYo2+3uGDYbVvgObSsRDKLyP/GULtmDO3VuXJ0rtgUA4ApAYFkw=
=36NY
-----END PGP SIGNATURE-----


Reply to: