it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5644-1] thunderbird security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5644-1] thunderbird security update
Date: Thu, 21 Mar 2024 19:21:40 +0000
List-archive: https://lists.debian.org/msgid-search/ZfyIxDHI6CzYPH1w AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=lVAj28e048foont0y8gfNEsp061sJQiJvilQ6c9UB7g=; b=cr d4n0mlRsynogE7NVppbhISTcrnJLnWSIlku+1pJCTGssHtHmlR+VDWNcethWzDLmnvlFvkbkHxSnh OVnUN/epqV5aTG+r6h2SHEmwHF7atW/hFRjwvELPsRNX8hdOCxrAn+fbsLBUdIaIulZxGTV+zyVvm CjziDay3wwTiGNHOaDEcuxtjxPvI1mLBaR7yTlKob6Wo7zVG90W9OAQilWMmlVcvmW4B9VeYmstFY TRzTjjPyvIK8/Aa45kKzPWGo5i0ziqcGY8frQrevthYlmW2ebndSFylY+rkofDbfqniZORQCnHWRk qzNwulycU/zwyF1BxvVa59/RWweQZWUw==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Thu, 21 Mar 2024 19:22:17 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <OkoZeqAd2oC.A.XMG.ojI_lB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5644-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 21, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : thunderbird
CVE ID : CVE-2023-5388 CVE-2024-0743 CVE-2024-1936 CVE-2024-2607
CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612
CVE-2024-2614 CVE-2024-2616

Multiple security issues were discovered in Thunderbird, which could
result in denial of service, the execution of arbitrary code or leaks
of encrypted email subjects.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1:115.9.0-1~deb11u1.

For the stable distribution (bookworm), these problems have been fixed in
version 1:115.9.0-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmX8hhAACgkQEMKTtsN8
TjaPmQ/+MTNu1OKBG0MkU8R2C+yhcuJUjtzb61MQNZR0H/0eDli0iOT0KzNSt5Hg
kV9EIM/OrLSTaWjSP0ZCP5LwOvXSe+ziyHBmmXDd6UAOkzequdqZqnrWxwJENo0G
vb8tQYRGjKGtKGXwKTNOut+Ap33NzwHoX2ERqLyDT9Ta46N2bJGwwWgiiYH340d0
Mlfu/CgOdGSo3oKgsY7zbiFylDt+uTK5vXINbQQjaIkuh4II/ScixXfUw8ipNYb7
8jAkWoQkNFHTTf1jPiFFUULpfW0MfBFdxE6Fv9VrJzfUP/mCRHel9A8tsVWTnBKT
0pcHF8lVLWEvgs/OSsvgybD1Iu6/sLck4hELskhTyKKY2yPcAl5cAfo9z/FmknUw
lHaDFJw7cLMoG0oJustQFXltvnptzSuxwzi+dcCk7UBz3ggouGv369Vl+q2BaOJ1
7tA0LT9rnFvzC9qllX0oFeD1REFBDwQUFszJ3JN3ltr/Z/3n8Alsa63wxbRU+e80
bMc6ZADmQIypTa23JihaYA7c3sGxCFo7q9phlb6Lm39BZwIF3x6YxcHvgz4oIrDZ
kfB3bE/F0eyz6Z0UkPczuwNj+bedjFsdapAtqYWPV13w14euj5GoYBwO+p4y5C+c
egxECd6L+avOw0KgO2OpZ5VhnVdncRC/8TPu0y9UIIdFz6vZMGc=
=zIpz
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5644-1] thunderbird security update, Moritz Muehlenhoff, 21.03.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.