[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 3918-1] icedove/thunderbird security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3918-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 25, 2017                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : icedove
CVE ID         : CVE-2017-5470 CVE-2017-5472 CVE-2017-7749 CVE-2017-7750 
                 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7756 
                 CVE-2017-7757 CVE-2017-7758 CVE-2017-7764 CVE-2017-7771 
                 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 
                 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778

Multiple security issues have been found in Thunderbird, which may lead
to the execution of arbitrary code or denial of service.

Debian follows the extended support releases (ESR) of Thunderbird.
Support for the 45.x series has ended, so starting with this update
we're now following the 52.x releases.

For the oldstable distribution (jessie), these problems have been fixed
in version 1:52.2.1-4~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 1:52.2.1-4~deb9u1.

We recommend that you upgrade your icedove packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAll3o/IACgkQEMKTtsN8
TjZfXg//WEMFj5dibyxxddQMnz0TuMteiAY2lvxKmV5F7IQ0NE+2SRYRKVNiiYAN
fj6jj0qfLROCtL5lgfkX9BuiEcWeatRWrFpNt0pnfmYtUWoOWhGJSAXiSYF8Ab1g
KAz5T/KNL78Q8DFD6Me9b58fvn8R1+MI91NHi3lvXvkSD3FzccWx0P0E8f2GOs9Q
w44oCfDVNugOCJBzRLsvyE01Rpsyx+ChqGpKBz3Uu0jiTh0RhbSxvxooYkpSzuKn
Utzg3MBcWa8T8wycEWPZ/GpHarRmsk9s63vICZP5RHc12XJvxwf2Y58B6vidjFA/
f7ociV6NjNysJj6RwqoaDInvUQxSZRdxFG29+FGigr4IYXw/r+8LDGQy7KIXHkBK
yWdrexvdBOUKHbn2pivTOCT4uo+uj+2jNN6SY05CiVnslmS+awwKLxVxL/K8iLjN
cOcYo6maAsx2BG4sHjhq+fpn6hFXcGqZP2OtoH2u0ipP0Ks1mzgTEa42nk1ZFlYv
AIDqbgFbPRxxOvu696DiKZeoBWyKeGSdRgz73hA3PogEPAsOArorRAJrexgK6vsr
8bcUWLBif6JEanYdP1CAIUNPenVgFKRRfdqaejp6ei3JKfrGIdGVgKomJDyLoEnK
KEewYHPHXAcw4XbKk1jHO7gTw8NJV+z5oHVGiwhnIMjC0GChQG0=
=vcIQ
-----END PGP SIGNATURE-----


Reply to: