[SECURITY] [DLA 2449-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 2449-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Fri, 13 Nov 2020 11:41:43 +0100 (CET)
Message-id: <[🔎] 20201113104143.37DF32AC169@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2449-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
November 13, 2020                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:78.4.2-1~deb9u1
CVE ID         : CVE-2020-26950

A use-after-free was found in Thunderbird, which could potentially result
in the execution of arbitrary code.

For Debian 9 stretch, this problem has been fixed in version
1:78.4.2-1~deb9u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAl+uYucACgkQnUbEiOQ2
gwLDKhAAqdyQDtNJXYBQ/58BuR+4tUQ+84lk604Cn0D4rPUW6Aa10px32/ybbUKC
c1Ch5qFVNsu9bKdfX6EsrWL5NdwyRGW6F47PsSmQkdT96TuvZP3DzBfChcT/SIUv
PXC3H1IM1f6H1SJJj5vyIS2hwXZsJHn1/hed37+O7UFrY3o/CaFyApSsgFqRJtCp
dVXtWaEsru9CgWbayGmtAQQWEEPCKGg80UrgUND2z5md3/ka9R9sh9yh+/hJtYy1
SH3hQEOrawlaW2Hww9aX+LnNY3aUg+Xz1oMG2rKhSWv6FFnyKduYMEBQTP+ogpe8
/G4Ew6ztea1Ypt87Skwnx68MjPAijOAJQr3ottITqZNJARJxz3wHUkleKp2f5+DU
rGivzLVmLorD6EpqUbTHHmZ8nV48+0JYdxzX6quMCCY6wcIGnk6MGny+h70prQRN
QPJOye9Cs/j9mxIpADgsmm0RtCqGbIn0Wav+6FruiOy4Uu0bXv1AsuMcLZVINJ+K
+S6iOV1Bx96mAn0H0NGeGdU4zxUf5cCqQcpQMtzqzNyqNwxjH3gzn4dV9UynL9fR
OYWLpf7FMTQ+bNI0h9H9AbR8dWIxfAKulINmHhW94azyVeDBEQmL3lj+wSin6aj6
NzCXK6j30sgqFWlWBS5saccO2Jo3HMwZnn91bOTQSU+9qvl5Cms=
=oLqR
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2448-1] firefox-esr security update
Next by Date: [SECURITY] [DLA 2450-1] libproxy security update
Previous by thread: [SECURITY] [DLA 2448-1] firefox-esr security update
Next by thread: [SECURITY] [DLA 2450-1] libproxy security update
Index(es):
- Date
- Thread