lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 28 Mar 2018 22:37:50 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4155-1] thunderbird security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4155-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 28, 2018                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 
                 CVE-2018-5145 CVE-2018-5146

Multiple security issues have been found in Thunderbird, which may lead
to the execution of arbitrary code, denial of service or information
disclosure.

For the oldstable distribution (jessie), these problems have been fixed
in version 1:52.7.0-1~deb8u1.

For the stable distribution (stretch), these problems have been fixed in
version 1:52.7.0-1~deb9u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlq7/LEACgkQEMKTtsN8
Tja6gBAAkMmVgPM0vXUzyL12w227CncC9ivogzi1aFHLvdQAhC7eTuPPN3Wjc9KR
re9QEJyffu9/0jkY/whfzB8mdXbJJ9Y4BWdR5M2FBy80J+UB/hoDirjK1C0nQjW4
DaIBHb3NGP1BW5B407d77NgMDV30OBkRNz6tP5yGdgb0hb+UgZvd3d2Y+8NceYBQ
l9LqvYmF381e7/wb3brKj3JRvtSwZDmtMX1TktmLCsl3PIr41ax4xJeoUzdgUXf1
bo8kBd+I+kcBjTdjS0oQyN5Y7d9S6DiZ6QRZyMhY2MItEcuGgXSPGXd27gKhzhk3
YglJZE41KpPxq8iX8kigPGX0i56AJ8mrQRMwZJ+ih2e22ZfEQoEL5PjaRZLThL31
c+xB3MrXaGpOqyUhaI7hkv+/YuPFa14g1X5DtcTmvLTCDMShPlnTtwqSXgIyu2Ee
X1XCWMUverDLoGX6q5BkEVq9U1L877V5xvp8Oid7qo2XzeqrfsnmLyFH6tVfwAGc
x2BN2UoXvTqL5AysP/xBen6AD2230hZpxbDbbQ2YLdysv7w09pO0wQhBYgLZfPei
HTcM6+8YXQpaCbBXcD67hc7N0QgJFwHS9Pj5GMH4tVOLLr6legeJN93IHfYV8+T4
1hU+OOjEdC8bT5c0ugX5yauyhfFZcrYOd54rW4axLRyBqfTJfAI=
=Mi8p
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists