-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5086-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 23, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : thunderbird CVE ID : CVE-2022-0566 An out-of-bounds write was discovered in Thunderbird, which could be triggered via a malformed email message. For the oldstable distribution (buster), this problem has been fixed in version 1:91.6.1-1~deb10u1. For the stable distribution (bullseye), this problem has been fixed in version 1:91.6.1-1~deb11u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIWr0YACgkQEMKTtsN8 TjYeJQ/7B68/C8BehXyFdkfgWeI1kO/Z7MM/M0HUvfnCB6mBaFW5IdrbB1+yPTy8 d+ZXTXfU6//1/8n8XmkEolsR/ol3dU0W87Vpm+fig4yGPRFioFwSwqN1bTSglERw WA2nwr0Up8GAOUZbtDcWVSIl8MAUjQSJUu5+2w7YQBP7m/oCNcTX2CAQvYkcAmbm 2QrCCO6UOgT5N6VQ+PqzZOHp8zO+Res5C3tXxVmhZzukxDtIztH4FG/YM7nXxtL8 5ejBF0C/XYYcm0xi1+9OCA9BsM1L5XWcMgUUK6NG4No1/vblYWlm6W8qeAr5SQlT e8N3KXsHtPZmD2GbFUWjYIW1NLPSW+HFl5+6ZBie2e92AiVQZHFKd8wPnlek0ira 1SImcsAtmwHGCk4n7wyK7H4lo2xAJ2uaiZIcBs619HJJSFIT/6SLyfF91q3uPtST zok3mLJrNIf/WOrdxCkV1LcLn2fb2BeYJRdZA8oMYNdT1sBLWheuWV8soW/E9cJC P79PDiOlzGFqst7tT/fftABL7COqEMw6toxE0TwLlmxjwuU9rKzf2Q4HwvpFvwal gWL84l3yweBPjAvEAekc8vEJplDljsLbsz5eZrIQaflwUplqMjVIraBLtnzr3l+u ko0NJoabBP9Bv0NVTBPfPGn5nFs+3bE3lCas5NIsF2WY0al6ASk= =8V+7 -----END PGP SIGNATURE-----