[SECURITY] [DLA 4081-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 4081-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Mon, 10 Mar 2025 10:50:07 +0100
Message-id: <[🔎] 20250310095007.5D8402A071A@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4081-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
March 10, 2025                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:128.8.0esr-1~deb11u1
CVE ID         : CVE-2024-43097 CVE-2025-1931 CVE-2025-1932 CVE-2025-1933
                 CVE-2025-1934 CVE-2025-1935 CVE-2025-1936 CVE-2025-1937
                 CVE-2025-1938

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For Debian 11 bullseye, these problems have been fixed in version
1:128.8.0esr-1~deb11u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmfOtcwACgkQnUbEiOQ2
gwL/cw/8DC9prQv3hyYaHFZ0b80LDoeNa5RIPK4isMDuJb9tHGyNMqB57Jn+HbvQ
o6eZoVypGsD8jHlSyNRwDz2MiSIukGml9SwGGDd3/+37SMaSnUMclai5vMrOUjAM
OPrV0qh6G10twmVXW2Sf0TqoKwK1ouzPpEOgTFwlDFMfleMmZybGsPsHeOW9kvqR
zPCgYMjD65QhBklvbP9lo5Hy0Bb7ZwV3GJBG95Dv5TjjpO0whhxofnm1Ob39zU/m
o1NYA5YeJS3wyoN5lHdGPvjjX0ZckgXslB0tKjft7Le3U0frrbb+Ce7cigh3bRby
LWRpiXdYoSO2NA5BUhst0JJgkAVkphEnfTfQ6FBeNFlDYGk9abcOJWAD7B0M+rZM
6Uyl8LHUUraNeaiaZE5iX2eLko5WSYrT4/yOPsmFyx1Yqy6UtlM7T3c+hCSy/5DB
GEdD9KTTVBnbNzs7KENzGEMsA68E6UtMeNrgzsVuRLHgswrCdXpnVNhYmI/Xt/yB
7iZggOSQ0B0AUCKywMuJYB+Ke8j8T2xo8XmKfNXo8iTqQ0LXxT9W7NWclxfv9fwV
uoa6f8JmYCu5jwbw1MELpuAMHv5nLz3zQc0cUkV5xiYyC0KOJ5WxkSQpeQmmmUxQ
8V5FnvZOJysPORhDEWUt1r2CR08Y+ZtgerR+hWm+COOfY+PhGSQ=
=fHMu
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4079-1] openvpn security update
Next by Date: [SECURITY] [DLA 4080-1] libaws security update
Previous by thread: [SECURITY] [DLA 4079-1] openvpn security update
Next by thread: [SECURITY] [DLA 4080-1] libaws security update
Index(es):
- Date
- Thread