Debian 10033 Published by

A thunderbird security update has been released for Debian GNU/Linux 10 LTS to address multiple security issues.



DLA 3196-1: thunderbird security update



- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3196-1 debian-lts@lists.debian.org
  https://www.debian.org/lts/security/ Emilio Pozuelo Monfort
November 17, 2022   https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : thunderbird
Version : 1:102.5.0-1~deb10u1
CVE ID : CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406
CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411
CVE-2022-45412 CVE-2022-45416 CVE-2022-45418 CVE-2022-45420
CVE-2022-45421

Multiple security issues were discovered in Thunderbird, which could
potentially result in the execution of arbitrary code, information
disclosure, spoofing or bypass of the SameSite cookie policy.

For Debian 10 buster, these problems have been fixed in version
1:102.5.0-1~deb10u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
  https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at:   https://wiki.debian.org/LTS