-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4102-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 30, 2018                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 
                 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 
                 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117

Multiple security issues have been found in Thunderbird, which may lead
to the execution of arbitrary code, denial of service or URL spoofing.

For the oldstable distribution (jessie), these problems have been fixed
in version 1:52.6.0-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 1:52.6.0-1~deb9u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlpw0/IACgkQEMKTtsN8
TjZv2g/9GyJN0gENu+6cKGmlijuxFQTIMZ5tgpPPnDdG4jlv72/fDbhOcQc0kxle
LNpKl0/7P6j3ws5uv9arZtTdspQv1yFNnYQYB95oxN4Ebqjsy2m5yS31ehWWxFmV
aV89x6fY84DZp6WH+AjbFpsP4dQ6J5p1rhu12fiTszQNyHQR5L9wxObDsUfhQwzD
JlxSDKorDqkPRPfewpe4Z2I3IjCts4xBHttQQ1U8+AOX1BMR1iZbinKQ9un5qDvV
7SXy57YbDwv0q9MyhpSp32OeBshEkMk/rmxrYRCgPkurE2ifYrkPHcYq24qwH1BJ
QEbhKNYHBMAd07sHtqMqXxF7hOOW4VJdnsrrSQj0fFlkMI3fUXbKUHrihgEAYdR2
33KeJ3QFi+roJPyHMnEM3BtrFqdYbmEHP6LVmmHNcd4JotfKaZO2Cxlosup9v5FL
CABZRDY7NJtlW7v2rmsKSXdK7KPaUfT2d/Yjkhxb0PDFseC+PR3G9JEWqMNVSPzk
VqwR7N3iWH9eWgqH2aIYzgMRt7jwiCtQXjuSr10UMjFAcR8bxXd7/HS83ihW8Okt
6TpVxsXYyjrzTY1MC2osc4LKTq1uKljeOJgpcqBAi3s4cAoFR52VR15y/AFJt/PG
OssMQDPskmQdT6E3qfRQWHts3nyYnmm8Dpj8pS33ITknYIAJRLo=
=ZmoG
-----END PGP SIGNATURE-----