Debian Linux Security Advisory 4683-1 - Multiple security issues have been found in Thunderbird which could result in spoofing the displayed sender email address, denial of service or potentially the execution of arbitrary code.
6b4651f29f022e0efe1d6770f39d66f9649fc415381e1388373054438f2656bd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4683-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
May 08, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : thunderbird
CVE ID : CVE-2020-6831 CVE-2020-12387 CVE-2020-12392 CVE-2020-12395
CVE-2020-12397
Multiple security issues have been found in Thunderbird which could
result in spoofing the displayed sender email address, denial of service
or potentially the execution of arbitrary code.
For the oldstable distribution (stretch), these problems have been fixed
in version 1:68.8.0-1~deb9u1.
For the stable distribution (buster), these problems have been fixed in
version 1:68.8.0-1~deb10u1.
We recommend that you upgrade your thunderbird packages.
For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl61rrsACgkQEMKTtsN8
TjafRhAArjnN6ZoNxrBCmoIuJfLR7eT4q3Gch/QE/mSG0u8OPIPFtKg/THbRJgWE
0+w1Ml5C1sRWR2ggQBjS+ho7mvGRFzL1CEEnTWn9nls73M/Aqlrdoy5KJjxs+XZj
vr/5bYfZNjz6y8ruAl2P/v8j3Q5yZxFlXqT2JYyegc0kvlUZAezkROFu1vWV0PRz
qibDQPxWS3T8aMi2WWkejZmHN9nJSJ9rQBY5ZWzcAiDxQCm4x1bism3JXG1ZYTC0
UyU//38okYc+mavyjSENQd/3fF20SJJheFjev5GCsZhG+2wRPl9ZX1mEEsqHDwID
L8xHS0AyklE/Sxip9HA9HPXqRCnr2CXYOjOGMscoXON1YLhftKKRrj+juBWKBJ3p
xmXWH/YKswG4YdU6Lwo+tSvXhUXseCuA6ZY9w31M4h78fnyztZNH2xo15n/H4bvG
k4AgfM9EQSqWq7A1+l18IyhsK0V6EazeaVAZcCzeL8KeIOR4op0rzfjsD9jzpHUA
B6Gj3e75mdLDjdqKd/XhrZ3G2yfWeXxmFnBk1A3CEiMxiF6P8DbHSejYFPyuesZ7
MsdUYTjQ/6Hipbc70KvQiFD1ELldcLv/VsipL8bv7ZSdkyH/8CWdmSEjccPhhXuj
lEJskOuvTPyyfaaWTmnQkKamWi9K3C44KhZy7zVP57FtKSjok7g=
=yRB7
-----END PGP SIGNATURE-----