[SECURITY] [DLA 3769-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 3769-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Sat, 23 Mar 2024 12:22:35 +0100
Message-id: <[🔎] 20240323112235.30CF52A58EE@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3769-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
March 23, 2024                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:115.9.0-1~deb10u1
CVE ID         : CVE-2023-5388 CVE-2024-0743 CVE-2024-1936 CVE-2024-2607
                 CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612
                 CVE-2024-2614 CVE-2024-2616

Multiple security issues were discovered in Thunderbird, which could
result in denial of service, the execution of arbitrary code or leaks
of encrypted email subjects.

For Debian 10 buster, these problems have been fixed in version
1:115.9.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmX+u3gACgkQnUbEiOQ2
gwIQyA//fsFeM6KFIQR/Zi0u+vV9AV3VTP6hf1PgFtTJhtIDgiaqOvhqIqRa2Blm
8zf8J/p51ZJsQCCyurreS0uFqHL3fxKtRy75AprJ38xUz9z7xEWxX1QPuJmxn6+1
OT8uyg2qm6G6Jfw5ywsDmGzokes0s/qaQAVEw7a/QyGZ/xarbc+oXKeCRSavzPKu
xahmLH4PWYBo4FDfvCzENVO8Rh4S2yArSdZRIsXvbbQd4gq55M1kNULVi1be/iXn
sj/b+QqG+4tVJ46QZVWCY5fZBQ8Sn8fK+bxBOW/rfnLoroJd84y69Drj9rDv4FCy
Vrb1HK5Oc0fbUiZpv8NIV5H8zpQmeJ6al8elxRJ0J9YHAELiTkfPaysxMrlow2IR
F/fW/NjF/NDQplDQ1YGi+StKBJbfk+qTaCOVz6E0ASLzeMvcsilfmnVtbeOqfSzX
kiRssGjOXiqSYbtWhTIn5guG3ZLPugupvC6mBJnz+RbYq65iQRp+B0WdyuUe6gPl
/rRCY0Ie2V2x+0rDPrvLulRam+Zq4PEpT25hl0GMhxySfU+h3zjMZi/atwvNdoJG
7MOy7w4AFLGaJw6ejvdST/1fG97JhNBOIWFEyFypR4vufPYGYm4RRHHF26N/Ji3w
O33zs7OUdMOBmxAN3aH5+ZtIS8K2OyVuL+qMJPqFHmpu99TBNjw=
=aoyJ
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 3768-1] pillow security update
Next by Date: [SECURITY] [DLA 3770-1] libnet-cidr-lite-perl security update
Previous by thread: [SECURITY] [DLA 3768-1] pillow security update
Next by thread: [SECURITY] [DLA 3770-1] libnet-cidr-lite-perl security update
Index(es):
- Date
- Thread