-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4656-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 13, 2020                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 CVE-2020-6822 
                 CVE-2020-6825

Multiple security issues have been found in Thunderbird which could result
in denial of service or potentially the execution of arbitrary code.

For the oldstable distribution (stretch), these problems have been fixed
in version 1:68.7.0-1~deb9u1.

For the stable distribution (buster), these problems have been fixed in
version 1:68.7.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl6UwKQACgkQEMKTtsN8
TjYQpBAAsP95zkuaDBpomfJyzMU8ffUlDNSbmwg1bdccwjR4JSCpVqZB5nDRy2WD
MzfuobwyQCzh/tPV8iFjbV0T78cR4QkokkwCwpSFcjoM79yPQTvgQBmDruuY78DQ
v48vONAEzX5p8sJEHWLOHQGNrmiNfcndRlXiQcuPnN2Nz5wzQbvoD7MlIPs7t5Hl
5D7L242arir79GUmW84wHT9ixaEF72TTupNAJOdz7J3AGWP0vBSF1sv6U9bJ9mWq
BbP1/JzNK665qyOIfsb4e1Qguk1Llpzx9FVE7g5sEraRajWjii0nOqVPLFlM3OIn
8ZU33b73n+3mkg4Iwq17Fhq4naqL2SiLM9JhPGIC0da7o6iRO/LHwXYgaIQzd4AP
RrAfNLBgpgAnNtA394iMSeEYI3rC1bXoFBi9g1kXQXsA1AqFFuMiZpHnRlV0eUtv
S6LpnZyu66JLDekbmkWAX2ckH5em96vdgOWJfG01n1dflQpWlqYWz8c4k2QEnpO5
GUlQ8jsBXY19wA5BIvC0RPGgCrwPBACDnQvisxcTOhZ9HOwb6HbvmMAway0K7d3t
fk27M6oKDNrQ4/YyE9PcKuYMm0uFNHc89okUgrbCsz7SHiXBBGbTZuhd6dmUbOmw
vBiYt0GM9dWY7ovEOYfF49QYhZ6RUMc0hhuLGHLgckTUNH/RgtU=
=Zl8a
-----END PGP SIGNATURE-----