[SECURITY] [DSA 5670-1] thunderbird security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5670-1] thunderbird security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 22 Apr 2024 07:41:36 +0000
Message-id: <ZiYUsAMj/HlfGhKV@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5670-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 22, 2024                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2024-2609 CVE-2024-3302 CVE-2024-3852 CVE-2024-3854
                 CVE-2024-3857 CVE-2024-3859 CVE-2024-3861 CVE-2024-3864

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For the oldstable distribution (bullseye), this problem has been fixed
in version 1:115.10.1-1~deb11u1.

For the stable distribution (bookworm), this problem has been fixed in
version 1:115.10.1-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYmEi4ACgkQEMKTtsN8
TjYidA/+PvxudnviZz8CZMPFH9PTFAVbrhZKW0Ns4GS+Y4+oSZJycTroYQSukfE0
Suame/p8jYTCkeKhQ+oF1cjPgVbEmgpAx4aMXHeRTMpsTNUA/S1xdcnqalEWL/4m
TJJuB2jLIdq8b0fKnbsK4jItc5N5IyXKubQ51SUl+IkVi3LCohChMhv8lx3XfSZd
p/x5JXXkoG7fbjVcpy+G55hS3DemUGe9p2fZyT7cXdeq7C6KhKbf42i41iZysc7h
Osa/rYVw1rCAoDg46/lBEoUydXsagYQMk9BQkWLygwn45zll2JBDL/shjwTTUL97
jj166GcimA3L3NA6tt062XDrlF2dELxSbtX6Cgef+6BBDt8f4xsk+AjCLdZN5bQ4
/C7DVhzrLUecTxp93vapLsmQAlSc/7F3aXJD6mNfrIX4qG1iREhjt09bxmuDua5W
du4ppHPqTioWPP1aCFnXp1G3UFkcW/Q6gp54sfJOWla+S2bBaq/2AS4qMq8rCz1Y
I52XYMWMQ4lCfC2ObeGfkPaOLWcYIGn8s8tYCp1ke6AHbKhivz+ccUZ5nZT6GdL9
kBitHRL4bPKgXXKKUYxdNwOngVV6AuoX+JRhwyFH4vmKjBH6YnqiK8WHUd0sWXsI
3QFiYZCplDAL30vLOw8vk5oq2j2T6SgmzO/AkOI+0oN7MaB7F8U=
=9I0b
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5669-1] guix security update
Next by Date: [SECURITY] [DSA 5671-1] openjdk-11 security update
Previous by thread: [SECURITY] [DSA 5669-1] guix security update
Next by thread: [SECURITY] [DSA 5671-1] openjdk-11 security update
Index(es):
- Date
- Thread