-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4337-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 10, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 Multiple security issues have been found in Thunderbird: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. For the stable distribution (stretch), these problems have been fixed in version 1:60.3.0-1~deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlvnVagACgkQEMKTtsN8 TjZLLg/8D6UsuVY5HfpDkJ//6sb6Gf+RIuYGOapf9zQn/g1F5KO9Fq4A6prMcMZd FlI5FcNKHku3MOgRvoMzO6juSg1ILCBv0sOGDyqE5+8GhRrvj0d/dy8wPuT4mV8O LTf3TnL8MYFJbvDwix3y5qe+pCFYYUwiWPYKqEE7wlog2H1n5Y696ciGpTgr+UXG bDPFCLEQ7lQ8uCvsEcrYMLABm6oFDPFEQDqb510EbkcuOOt2jKfl/H6Uvsca2AYb SEcPP65W6yWThWZIUJpbkO5qRCQYV25SoNNN6iH7SmxHq2WFbuYFa3hlL9+2LcWp iQnknUxWWu651rxOMMhearj6EaJojIP0HqJ6/zvHlrHAUu68a//sLgwMs0eZQU3T liDau325U9sQzlgZ+M6e2QjapYKIKADQSTQA+WhCNSmRjMhErk7VL6f2LpEt4E7H Rfju7ZLhTuCjqT0RfssqHXXnNe0YeQJvH6zwYDBSR6LSnBhr8OiUWARCMYOPV4bH aFjj9ErWY5csfuLZrzbc/C3mszQayjIZAHKDQn494Ag3qI/MZad2GgFsZ/Qbv7ef UDu3OVCl2/EPt0FHXmxZTPHhpKVmMjMB6q9KvaxPfn53N/55tbBm/tcKGQctA6s+ OJZEuRLdAZ+rj0Rh5hd3gh7XYoyxJQEPsAABx2hrwzLlrfTBVx4=X4zw -----END PGP SIGNATURE-----