[SECURITY] [DSA 5803-1] thunderbird security update
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5803-1] thunderbird security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5803-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 05, 2024                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461 
                 CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465 
                 CVE-2024-10466 CVE-2024-10467

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

Debian follows the Thunderbird upstream releases. Support for the
115.x series has ended, so starting with this update we're now
following the 128.x series.

For the stable distribution (bookworm), these problems have been fixed in
version 1:128.4.0esr-1~deb12u1. This version is not yet available for
the i386 architecture.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmcqaX4ACgkQEMKTtsN8
TjZR6g//Yz5oKGY25G4T1qqpgNVKnbG2otH7lPRL72lZVjtOHGuM+l3h5aHDEeJZ
igF15ChM7XGlBht/tZmvSFYxMGEnBdYehzyVEX7ZXM1hK3R31mG/X7x8BVEdzo+i
BflYPp4of4AFfJlxFgV0NsySHN0k411syCtl2Q0+hu9yyM1nPQbLzPbalnkT+pNl
80Q88g3XQrT4mjlscJeTnHOhIgfZxmVMIjFd8W31RhGuVe3QnN/bjaApdr37D65p
XEomoOIRwRhE6AmwCIBv0spepS8QmfxN7h1MRXh4u6Wdca2/Y7jD959pN+m8MmDF
o0FUBetZt0sgo6qMpnaaMBEpIQbQT9uTt4gA88HdNULc7CTqDBj/oWoruqDiNd/f
6I4n2fOoBfeo/voZlzvhX16veRcuLa3HZ60ifnxYmUPUoOKAqRTO/LqOdhCm6nm6
A/hAmAoG3GspVcUO+im6hi+2NBjxaj3XdX9O7L1k5fuavRq256v+9XIUv1iSlOtY
Kk7XcrGST9mnf5iGTXsDC7P28Wy2+mFFZV1T/+Z6Y1a8bPY3MZ6RPIZk+I19W+Gw
cCJwJ92uaFMKB9zrRaPuAEfnRzP0piHJxgX+vvEC8k7RbHlepuPfD5548WCjAf1b
g+X4HyW0Hlv9dXTRqY1YpDBCh5J77P7b7dakmFR9Yutaxv5ldlQ=
=qixK
-----END PGP SIGNATURE-----


Reply to: