[SECURITY] [DLA 4110-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 4110-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Wed, 2 Apr 2025 20:31:05 +0200
Message-id: <[🔎] 20250402183105.14DAA2A01C2@andromeda>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4110-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
April 02, 2025                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:128.9.0esr-1~deb11u1
CVE ID         : CVE-2025-3028 CVE-2025-3029 CVE-2025-3030

Multiple security issues were discovered in Thunderbird, which could
result in spoofing or the execution of arbitrary code.

For Debian 11 bullseye, these problems have been fixed in version
1:128.9.0esr-1~deb11u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmftgmUACgkQnUbEiOQ2
gwL5YBAAgZyG2e+nBo29nrnwygEFEkSwJoZC7SUDj0g2qaQqTJpW5/jDzoGloux/
wkMXzqi2I068NnJNwL0b/72IStgYokIlTn61jPqdzYcbybkq1t3+hpj1zg1zfcJJ
LXt61rJByi+5QoM9i51VTih88MM9/NFcDvc5g4sKirkJUvnJN8jByYCbCO/C1urH
aLZfYAIl8h5joxgyAEC5cn1TBAZpeG2GnOlj1e4fPUrA8P8Ai1q/5CwCvqR84I2D
KQ159JcagcX6lgrWHkqhsgwL/JrSjr35g6ofDoTujBrAnktxFTijAJwMRLKt7Xhc
8MFZ9H/XIzbNd+504hxjWFJ9mh0kmikRSgfP8IhKR9kYWVVkEUWxEwFsERqumbjt
z0orp6oW9w6GgwJatt41pVLu4IGPHRGa01gBTqItVDCnhF8xiO+V19eYzV5a5yWA
U3hd7ya89kiJ6dVPiwJcgEuY153DlDtDRcGohu1sh+l5mUh4pIXmhKEmxdz5g9UK
O1hKLCZ+ad4y7kV88X3+F6XhSSnjRSSY/GxIXWI9yzCUjwPnWiK04LDwtgEh817+
biXqjnp+/w0Q4aTfjV//h/SzXmytoGVWJswXVi0uUywmkeWiNYnr7ZfyEEXnB9rk
DF7k0JduFgseSjLGS6VdudQMxKbPZuEev20+ecVVdpiaPQg3QhQ=
=zcJ3
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4109-1] firefox-esr security update
Next by Date: [SECURITY] [DLA 4111-1] commons-vfs security update
Previous by thread: [SECURITY] [DLA 4109-1] firefox-esr security update
Next by thread: [SECURITY] [DLA 4111-1] commons-vfs security update
Index(es):
- Date
- Thread