[SECURITY] [DSA 5118-1] thunderbird security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 5118-1] thunderbird security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Sun, 10 Apr 2022 18:10:05 +0000
Message-id: <[🔎] 20220410181005.GB3510@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5118-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 10, 2022                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2022-1097 CVE-2022-1196 CVE-2022-1197 CVE-2022-24713 
                 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 
                 CVE-2022-28289

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

For the oldstable distribution (buster), these problems have been fixed
in version 1:91.8.0-1~deb10u1.

For the stable distribution (bullseye), these problems have been fixed in
version 1:91.8.0-1~deb11u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmJTG7kACgkQEMKTtsN8
TjbzLg/8CrYnaQBQceoOrZtSrJsp+t5ipnyJbXyTiMu0GJQReKD2WZnjPiMUgnNg
QFmlmgcvZxXVdH0qPOkGoN1MdnCk1nbS1iJggfswa0yTBcg0+ogucfchMqfDcrV0
HTkOTdaDCzmTSzx9TwVH4mN9PwHUlMfnV1FWm/U9+y6NX8OSyLoquIvFC98+B438
+lBTKvPgwgtwnPVy5Yx7NbrzU+9pQbnUPfD15HublXQ+582lr/TSg450FA8tPaJ8
yxL5nqX75nG3WSQPkWqPSIdKadD2AG5L+KfwbVPKPkil24tXguqRV/lCHbKeiY7v
GbbxQzKlesbsT+VV6Hc3L/WssUxg9Te4S1Ho/D3VgFVEK6zhN+MbHnmJ1BJfrYaJ
vIQJiOoLFvb9iNM/5hjOwa/Vv4A8drDhRc2WyF/4x91dpr+KHW9Ka4U9HN8kDq6R
ZiAb78EDkxqBnEhN2y59rXHzvCn8ygXSxiNT/Jx8v4c0J/ebVISi/sFiGbIinawv
/PUV1h0nRBzBq5GPYaKlUJcJcZEnY11LKFoUgiKm+u3vow9wiLQPrtVEZRrHGppu
7BWUNvEipev7p3SdHB5HpocvqzB532sFpmHK/9zppcN8xtpQZxYsvw34uN9/5p+s
HzpkFpBMbrXucA6nmaT+b2YwCemiNbqw3S6NscMhyM4e2oH3Fb8=
=KcZ7
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 5117-1] xen security update
Next by Date: [SECURITY] [DSA 5119-1] subversion security update
Previous by thread: [SECURITY] [DSA 5117-1] xen security update
Next by thread: [SECURITY] [DSA 5119-1] subversion security update
Index(es):
- Date
- Thread