[SECURITY] [DLA 4279-1] thunderbird security update

To: <debian-lts-announce@lists.debian.org>
Subject: [SECURITY] [DLA 4279-1] thunderbird security update
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Sun, 24 Aug 2025 16:29:07 +0200
Message-id: <[🔎] 20250824142907.AAF4F5F000A6@kamino>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4279-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
August 24, 2025                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:128.14.0esr-1~deb11u1
CVE ID         : CVE-2025-9179 CVE-2025-9180 CVE-2025-9181 CVE-2025-9185

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.

For Debian 11 bullseye, these problems have been fixed in version
1:128.14.0esr-1~deb11u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmirIbAACgkQnUbEiOQ2
gwLVLw//VrkooHTcyw8XHHoD0hGu24ZfwRKotnHW7wslOBF+m05ZMzlvrpIDcFlL
A0y6oEfN9YLi1idVIBvkEgyyoKBg8Cvw0vShvO8e5kYYmwtBZTH71qGvRoY9u8Nb
VeWrlcG4336SA1JDmW/gftiyKtMAMQlNtk++y76nLeXajj5uk60ib42/IP9/Fkq9
0+0o5u4CyeTOFGhKplvXboJbV8404xKQCdU3JWJjVkgmYYubgtrjExSJLpxZtsud
7ScM5sJzq1U8/zZbIGEsLWeLF+eMNrh7RRBisI3A2BfhQW6/iO1UFDbXKs1M0APZ
tTrFHL4MCnx/Do51qpZ7/XmQBNvAXsMTfmghzfPcgwY7JYbRNQb9SRLRip9E5bTF
mcKwWUx+GW6Omf1+gM2v9sZnf2AnCPt3YMy3L4512UTFEDFEL3Z/XznTsugDyilj
hSp8qSBcr/8mfeIOqQjoHCpkKktmpLS/6G53mAFeO1xdt6o4uMsXY3jWS/ITCTba
N7f7gwRcuz/dzUaGee9GRB8LsK1zfnuBbponpt5Y08oqARPIIFmn2q0HsTzSyHRh
mUnfHxq4rFeekph/ZZYGniQnQcvf6xz6/3C5pXajkUa1ke8CDxxNUv0hYa4V6lu6
77hZXgp2Tq/UpQzPn7sTb5xJiFlcbY68qXE5gQKrDk44O2r8vsU=
=22ZH
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4278-1] mupdf security update
Next by Date: [SECURITY] [DLA 4280-1] unbound security update
Previous by thread: [SECURITY] [DLA 4278-1] mupdf security update
Next by thread: [SECURITY] [DLA 4280-1] unbound security update
Index(es):
- Date
- Thread