-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4683-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff May 08, 2020 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395 CVE-2020-12397 Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code. For the oldstable distribution (stretch), these problems have been fixed in version 1:68.8.0-1~deb9u1. For the stable distribution (buster), these problems have been fixed in version 1:68.8.0-1~deb10u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl61rrsACgkQEMKTtsN8 TjafRhAArjnN6ZoNxrBCmoIuJfLR7eT4q3Gch/QE/mSG0u8OPIPFtKg/THbRJgWE 0+w1Ml5C1sRWR2ggQBjS+ho7mvGRFzL1CEEnTWn9nls73M/Aqlrdoy5KJjxs+XZj vr/5bYfZNjz6y8ruAl2P/v8j3Q5yZxFlXqT2JYyegc0kvlUZAezkROFu1vWV0PRz qibDQPxWS3T8aMi2WWkejZmHN9nJSJ9rQBY5ZWzcAiDxQCm4x1bism3JXG1ZYTC0 UyU//38okYc+mavyjSENQd/3fF20SJJheFjev5GCsZhG+2wRPl9ZX1mEEsqHDwID L8xHS0AyklE/Sxip9HA9HPXqRCnr2CXYOjOGMscoXON1YLhftKKRrj+juBWKBJ3p xmXWH/YKswG4YdU6Lwo+tSvXhUXseCuA6ZY9w31M4h78fnyztZNH2xo15n/H4bvG k4AgfM9EQSqWq7A1+l18IyhsK0V6EazeaVAZcCzeL8KeIOR4op0rzfjsD9jzpHUA B6Gj3e75mdLDjdqKd/XhrZ3G2yfWeXxmFnBk1A3CEiMxiF6P8DbHSejYFPyuesZ7 MsdUYTjQ/6Hipbc70KvQiFD1ELldcLv/VsipL8bv7ZSdkyH/8CWdmSEjccPhhXuj lEJskOuvTPyyfaaWTmnQkKamWi9K3C44KhZy7zVP57FtKSjok7g= =yRB7 -----END PGP SIGNATURE-----