-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4327-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2017-16541 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12383 CVE-2018-12385 Multiple security issues have been found in Thunderbird: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. For the stable distribution (stretch), these problems have been fixed in version 1:60.2.1-2~deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlvSM28ACgkQEMKTtsN8 TjYn7g//YSHTwS9APccovA6bvPam14mt5IAc4zm7fj/N4cGriZFY2PIGcOVTs/gB dOzt1ywn1i3dm5iuarozZmX2oniJsblHrqIIhunUXYnbru8XI/8MMKXTyu3al4QP H/gtxdfWWQosL5w1U64h2Yn1RcUyAf9ZCuknRW+hLLLizBEKrDZhOaYEQDiiChUe uTlCwsLj/Rdk6eF2cCXTU0CjUUhos0EZ4A2cLSNGGxKv7dcwhIB3FwV2Gei6tdN0 w5oWJ0lKaoJuArxwOV1CyH6mpCP2vW53VoXmHsiy1xoDd3F5JhP9kSICARXHd5d5 gz8JVIZLT2UDhbZc6UCdbLVTjHsnXmOjhmuGvI7AY+S6sDxBCoJng/al5qEIu8zl w+qtpsIAf55r7jBrwg5MMiK8PRGPUFf7IkQuzDVYSvm+XU16SjFJ15WAUR9kkvf7 JTUoek72ELoy+EI53be+4iB3ZSn0pjKGVlEgmGSG+pcdoukmvgccIGttaHib/bui 5bM34wkjO3twpuIOn+ZI6VLssu0aE5pETg5DdQY++UzhSVCxVluS/qzmhGyiFpew 0ijd0ijMOWDGA0ShM1/YwFfwAIYdggtGwu3k0+OxT1fEk9eaphg8DrlS4DUJW7+f V3WqV3d8DwvWgQ2D3F8uRypKZDqnxc47N5eFlYPmOJkcW/dYFgY= =CqFG -----END PGP SIGNATURE-----