|
|
Log in / Subscribe / Register

Debian alert DSA-6229-1 (thunderbird)



From:
              Moritz Muehlenhoff <jmm@debian.org>


To:
              debian-security-announce@lists.debian.org


Subject:
              [SECURITY] [DSA 6229-1] thunderbird security update


Date:
              Fri, 24 Apr 2026 18:31:52 +0000


Message-ID:
              <aeu3GJV-6Lcnvpmw@seger.debian.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6229-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
April 24, 2026                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2026-6746 CVE-2026-6747 CVE-2026-6748 CVE-2026-6749 
                 CVE-2026-6750 CVE-2026-6751 CVE-2026-6752 CVE-2026-6753 
                 CVE-2026-6754 CVE-2026-6757 CVE-2026-6761 CVE-2026-6762 
                 CVE-2026-6763 CVE-2026-6764 CVE-2026-6765 CVE-2026-6766 
                 CVE-2026-6767 CVE-2026-6769 CVE-2026-6770 CVE-2026-6771 
                 CVE-2026-6772 CVE-2026-6776 CVE-2026-6785 CVE-2026-6786

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code.

For the oldstable distribution (bookworm), these problems have been fixed
in version 1:140.10.0esr-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in
version 1:140.10.0esr-1~deb13u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmnrtsMACgkQEMKTtsN8
Tja2AQ/+ONMxp8DNs7h//xfzYgfYj2kE4nOohp90wb0Bux84jwhkU7YiSt7YYfsN
XwjqpyhBYe6GVQlZyUjw36F8MDCVVEb6Dx6Rq3OEkkTOtaGpaSUkr/iEnWZu5ywb
EevUgtMafrjYFvT7e1Bm6QKOCxu4EMFVM/au6sgEwEEaUNCyni0nB+8rbVbQgewv
TW3WOX4B1mF+oNoWGasQY1brt5Eq+MpEVTCxmWFhE5AQvjSgV74/803Vtg7VyhD7
qjMDfcFWcx4yc4EFBLNejQBmltL1217d1+uQGXkMZYwpcf4vIALRUH0SxrcF37Fv
SUdOH6/nOrAs+hLn5D9iOhcEDoPcfUF9xcKb+W+uBtsqJsWQAVZPc9FKGTkGAsgh
WL/YAPU6O6Vg7B1AhrRFxCiFA5swKh7v3scMlDYn5UOLP6hGHwoV2obXwwzHP9Z4
8UQ1vGVO81RE5zzWlSqDvMCxye8difW1MfIZmfzluIxuA0B2K+lNHkkVJCRtVjsl
2c3cCf3JcXjbW/YyhcfEIlDvAQXJSAjz8a+HcDNuBO3sfRUQoq6jgjUnkw6q1mKL
SNQ2eg+zMeOpOU2BIIBhfl+lJVIF4egERoqePCwFkLcfvovo7gHFGDwFb9FqX6My
blG20USxqH3OHrsJSD96ymYo5B6s3SozhdEVkXipvWFpq6xrPRc=
=k7+V
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds