—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4702-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 11, 2020 https://www.debian.org/security/faq
– ————————————————————————-

Package : thunderbird
CVE ID : CVE-2020-12410 CVE-2020-12406 CVE-2020-12405
CVE-2020-12399 CVE-2020-12398

Multiple security issues have been found in Thunderbird which could
result in the setup of a non-encrypted IMAP connection, denial of service
or potentially the execution of arbitrary code.

For the oldstable distribution (stretch), this problem has been fixed
in version 1:68.9.0-1~deb9u1.

For the stable distribution (buster), this problem has been fixed in
version 1:68.9.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl7ibasACgkQEMKTtsN8
TjYmHBAAgVvMQ1tcjI5TWMt3Q05NzQaPR1xtqDIMrFjy8dJGQp9TFs40aB/DsoGf
6LSS0dq3tW+iAzeCoOSeumNQ3rN03vRsQSAIZ6nkRJgU5YgHRH3n0OCOeGj404Pu
WhsSQ3gXAAJiIQO5Z7hIZIQaZMIIaQONhDRMKnyKNOWaCkqPKl3f+/vF582VtCZV
2SMq+KWr4LI3VQTj5CHTsSMgr5E2ZIortiGYrZNWWi8UjJ9mD6DNCJT3rN277Wfe
7+DfMfq/Ddja/VZEffxOon+ohnJ8s5IRhkvMZmB+hXQMEB5daKKV7+/3IsSbLTB1
EHUWjKzkOZCkOYWm7/iD2GhYku0bcHtNaPNNWI4OpvSGziSGEDN7McmOQzGbowpL
RWBdWAC4rLn5hCPUDA8P4+qfi+EA72bMpzCAH73VpLtbZtcOBNQmhCWGhtVVjgD/
+Tqt6P/R1g7y8d5nwG02bKULoMeMc9lY9bnqrejyBqVN/zEaUsD1qfLkpS5tb3D+
NEDZ2Au95ihoCg7WD/XJFgqe58DTRQOvfj02FExV+uB+E7SIAb0dYgNvM4L7e/GN
zcg/WqhAK3+KY0Fwcz0A7EmJ/WxmSlzf+iV5kQ3HzXQyLZD0H658XpdXye0Ac1ew
yTRL5Cpn+s3ln8o+7RDtnhc2teIshu/0db8XiC+V+nN6ZziZ7+c=
=O/7L
—–END PGP SIGNATURE—–