[SECURITY] [DSA 5644-1] thunderbird security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5644-1] thunderbird security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 21 Mar 2024 19:21:40 +0000
Message-id: <[🔎] ZfyIxDHI6CzYPH1w@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5644-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 21, 2024                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2023-5388 CVE-2024-0743 CVE-2024-1936 CVE-2024-2607 
                 CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 
                 CVE-2024-2614 CVE-2024-2616

Multiple security issues were discovered in Thunderbird, which could
result in denial of service, the execution of arbitrary code or leaks
of encrypted email subjects.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1:115.9.0-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 1:115.9.0-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmX8hhAACgkQEMKTtsN8
TjaPmQ/+MTNu1OKBG0MkU8R2C+yhcuJUjtzb61MQNZR0H/0eDli0iOT0KzNSt5Hg
kV9EIM/OrLSTaWjSP0ZCP5LwOvXSe+ziyHBmmXDd6UAOkzequdqZqnrWxwJENo0G
vb8tQYRGjKGtKGXwKTNOut+Ap33NzwHoX2ERqLyDT9Ta46N2bJGwwWgiiYH340d0
Mlfu/CgOdGSo3oKgsY7zbiFylDt+uTK5vXINbQQjaIkuh4II/ScixXfUw8ipNYb7
8jAkWoQkNFHTTf1jPiFFUULpfW0MfBFdxE6Fv9VrJzfUP/mCRHel9A8tsVWTnBKT
0pcHF8lVLWEvgs/OSsvgybD1Iu6/sLck4hELskhTyKKY2yPcAl5cAfo9z/FmknUw
lHaDFJw7cLMoG0oJustQFXltvnptzSuxwzi+dcCk7UBz3ggouGv369Vl+q2BaOJ1
7tA0LT9rnFvzC9qllX0oFeD1REFBDwQUFszJ3JN3ltr/Z/3n8Alsa63wxbRU+e80
bMc6ZADmQIypTa23JihaYA7c3sGxCFo7q9phlb6Lm39BZwIF3x6YxcHvgz4oIrDZ
kfB3bE/F0eyz6Z0UkPczuwNj+bedjFsdapAtqYWPV13w14euj5GoYBwO+p4y5C+c
egxECd6L+avOw0KgO2OpZ5VhnVdncRC/8TPu0y9UIIdFz6vZMGc=
=zIpz
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5643-1] firefox-esr security update
Next by Date: [SECURITY] [DSA 5645-1] firefox-esr security update
Previous by thread: [SECURITY] [DSA 5643-1] firefox-esr security update
Next by thread: [SECURITY] [DSA 5645-1] firefox-esr security update
Index(es):
- Date
- Thread