-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4790-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 12, 2020                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2020-26950

A use-after-free was found in Thunderbird, which could potentially result
in the execution of arbitrary code.

For the stable distribution (buster), this problem has been fixed in
version 1:78.4.2-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl+tq3MACgkQEMKTtsN8
TjYG4A/+INHoCgLQrkcwfs1DdD23DkC89F0ixUim0mN5QCMHrbODUBKTDczBH8Bt
is9lFLWGZTer2iC+RetB3o0tfw2fyUShdh/Tg3PQ9dPHjXsuhcA+8x5tClmvX22o
+e67JvzJpTKHIsQY9Z+T+7q+nzRv2xRecr88m14dqbBmkhBoGxQqx9bBsGMWCTke
EKlT9heFIJt3kLREShH/9T2slQpzmrExMGhhsslqG9v34OLwHDk06YtRYH7U0b98
2qVxflvrdxuF4VF6oe7LLjDU54f8Q4js4VfF3AskXjSyVdqFP5MDtk9M1s/xr/xh
588K5DT6hyAydZxGGBho55V0coC/J3ZNUwmNKm0WtZPhX3Gb6Hi/w1NyqQObC2to
0WxFeSyly9rMWkZSdjCpQ5TxOUMIde+MPbuAiFs6ypMxtCEvH/DZVZ9jAEUOHS2M
spsshqj3oqyqB/wDKP/RxERK/d6kZ9Xhom3vp0l77RBULHLT2EsnBGGpjyu7B6+d
DxrY3kOwwjoYgZEwblyQo/1gP0Of/k7CZ2Y4cEx8KBvxPPrhTIxX4ID8uD/oz4Vb
s0N66Pm7lIo77PgWJhJcowYPX65IgWtIbAuSWzZD2Ap8flfc1f3rDTv+HgWYUZvO
ysBakw64Z6AU8K3Ie112io71GjCohLR8SNx32kC0MWZymSGO5co=
=4Jb+
-----END PGP SIGNATURE-----