-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4392-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 16, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2018-18356 CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 CVE-2018-18509 CVE-2019-5785 Multiple security issues have been found in the Thunderbird mail client, which could lead to the execution of arbitrary code, denial of service or spoofing of S/MIME signatures. For the stable distribution (stretch), these problems have been fixed in version 1:60.5.1-1~deb9u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlxoOkAACgkQEMKTtsN8 TjbMIQ/+KWjjve5vJ/rRCfu4zHa6DA/7nqkP1cnFztJMoiWM2RcTLHWvqHJ7Xk9X a6DDx7g4A15OpDd4PkJ3fMxb2rxycHbZp/bfuJl3daAlr7hQGWYXs0jQPl7/FXoe 234qKZN8Z/quk58qg2ThTI4Zm5f4FeTActzdVCIEfnoYhhp6z/ahyI6DffcsQCmR kwJQ5uQzT2ynGTle6pXWrbhS5NhxbY6SrXRSJw5ZUdXtAkIzWtLZGL9aWW3kkGIF DBw/xrbBgMJFzosgV9cYdPPPd1PolQbhEDOayx+63qSnE5aPrKZuNf6UyoKXZwsb h5ITzVUMmJ/qCjeAzgiB+HQa1mQOYf2WgZeAXHjiHepTss7PouFLqw/wT6hZy2oh k3AVXVOegzJMQ/HKAOAHPyFcK449TSG84qyROxixQfFC2vwrxBErnZQyBU50XbHC AscIqCvlT4q4oQxID1+aLegd66eTPebCqSD9Z7oc5TY2WQLh2uqlqAD5gmjcBB1v KF1x1y9ZZEEris7PIch0v/yqSUffeX7Wcef8h+qpvxB4KtSN0r2Qz2G2lFzMt6Em M3zgoAOQvJWj33wNQm1Iy31v5OMqcRmFZbKQsG3IMdooIZCax3XiTOlpBJxW3zki FYo2+3uGDYbVvgObSsRDKLyP/GULtmDO3VuXJ0rtgUA4ApAYFkw= =36NY -----END PGP SIGNATURE-----