Debian Linux Security Advisory 4392-1 - Multiple security issues have been found in the Thunderbird mail client, which could lead to the execution of arbitrary code, denial of service or spoofing of S/MIME signatures.
4c871fbac5c3ba2c4e1350c97e650c929c2ea4bcb6654865928a2d98f8192768
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4392-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 16, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : thunderbird
CVE ID : CVE-2018-18356 CVE-2018-18500 CVE-2018-18501
CVE-2018-18505 CVE-2018-18509 CVE-2019-5785
Multiple security issues have been found in the Thunderbird mail client,
which could lead to the execution of arbitrary code, denial of service
or spoofing of S/MIME signatures.
For the stable distribution (stretch), these problems have been fixed in
version 1:60.5.1-1~deb9u1.
We recommend that you upgrade your thunderbird packages.
For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlxoOkAACgkQEMKTtsN8
TjbMIQ/+KWjjve5vJ/rRCfu4zHa6DA/7nqkP1cnFztJMoiWM2RcTLHWvqHJ7Xk9X
a6DDx7g4A15OpDd4PkJ3fMxb2rxycHbZp/bfuJl3daAlr7hQGWYXs0jQPl7/FXoe
234qKZN8Z/quk58qg2ThTI4Zm5f4FeTActzdVCIEfnoYhhp6z/ahyI6DffcsQCmR
kwJQ5uQzT2ynGTle6pXWrbhS5NhxbY6SrXRSJw5ZUdXtAkIzWtLZGL9aWW3kkGIF
DBw/xrbBgMJFzosgV9cYdPPPd1PolQbhEDOayx+63qSnE5aPrKZuNf6UyoKXZwsb
h5ITzVUMmJ/qCjeAzgiB+HQa1mQOYf2WgZeAXHjiHepTss7PouFLqw/wT6hZy2oh
k3AVXVOegzJMQ/HKAOAHPyFcK449TSG84qyROxixQfFC2vwrxBErnZQyBU50XbHC
AscIqCvlT4q4oQxID1+aLegd66eTPebCqSD9Z7oc5TY2WQLh2uqlqAD5gmjcBB1v
KF1x1y9ZZEEris7PIch0v/yqSUffeX7Wcef8h+qpvxB4KtSN0r2Qz2G2lFzMt6Em
M3zgoAOQvJWj33wNQm1Iy31v5OMqcRmFZbKQsG3IMdooIZCax3XiTOlpBJxW3zki
FYo2+3uGDYbVvgObSsRDKLyP/GULtmDO3VuXJ0rtgUA4ApAYFkw=
=36NY
-----END PGP SIGNATURE-----