|
|
Log in / Subscribe / Register

Debian alert DLA-4549-1 (thunderbird)



From:
              Emilio Pozuelo Monfort <pochu@debian.org>


To:
              <debian-lts-announce@lists.debian.org>


Subject:
              [SECURITY] [DLA 4549-1] thunderbird security update


Date:
              Sun, 26 Apr 2026 10:43:45 +0200


Message-ID:
              <20260426084345.1D2775F00082@kamino>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4549-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
April 26, 2026                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : thunderbird
Version        : 1:140.10.0esr-1~deb11u1
CVE ID         : CVE-2026-6746 CVE-2026-6747 CVE-2026-6748 CVE-2026-6749
                 CVE-2026-6750 CVE-2026-6751 CVE-2026-6752 CVE-2026-6753
                 CVE-2026-6754 CVE-2026-6757 CVE-2026-6761 CVE-2026-6762
                 CVE-2026-6763 CVE-2026-6764 CVE-2026-6765 CVE-2026-6766
                 CVE-2026-6767 CVE-2026-6769 CVE-2026-6770 CVE-2026-6771
                 CVE-2026-6772 CVE-2026-6776 CVE-2026-6785 CVE-2026-6786

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.

For Debian 11 bullseye, these problems have been fixed in version
1:140.10.0esr-1~deb11u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmnt0D4ACgkQnUbEiOQ2
gwKkOg/+MMlp+7g1qPpRbiX2LqGRs0oNYvJiLk/bcth69jPy6Fi8CyjI3p0g9Tnj
mFXFfSniW6t6enVL80nE3InkU4kT6EWUFVCs2vM8fu3nxBpa9CrRB6/6eW8l/oxT
k86Vrv/wTFywjwHSLn0bqsh3+U10OGbU0PnJ3yIaXYa5D8nNS2dt7LPPtcGgrDyt
PbT5BFZGiiNrU8kbPnjNPIJG0j/8qzh5W/5zPF5b536Uzs3Ih8RoI62VgHW7zf39
ld4nf0StUxkJv7y/xa6+mPxhd+UKCOWvytsSWd0PXofYVkp/QUlPHds8297gaCI9
JXn1EdxSNbfwRWjlwfvZrLvzciE4F8Bh2vbMzgHnzVQ/ki37yA2oEL8eB3TRlQ5W
4jOB2AW+AWCSLPrpRJde8T1UyE1byAt6U/dY9kgrs+wmiYLa/gVUzLGXOZtbNT4t
6wGErwnq9sEcBzNp1zIQNjJbGEw9Dk+IkWx/H+4BlBgaaW1civpuoNBcTDQhDrQg
CNW6DNpQm2lFOn1xfn/vTsWByxp029i7EcMTpd0B/fUee85MmLO6k2cWBBL3m1Pw
dinUZSRRYlgaw5g0cGynQAjOPeaiP77LzZ7pJ3EI0viBJPZRtUZxLojeODqxkZNq
uN2e5ppWDTHB6OrMWIAFT8f9OnkmhFPAhtQXvajh2cjGcVlmyh4=
=MR2u
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds