[SECURITY] [DSA 6179-1] thunderbird security update

Thu, 26 Mar 2026 15:32:12 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6179-1                   [email protected]
https://www.debian.org/security/                     Salvatore Bonaccorso
March 26, 2026                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2025-59375 CVE-2026-3889 CVE-2026-4371 CVE-2026-4684
                 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688
                 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692
                 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695 CVE-2026-4696
                 CVE-2026-4697 CVE-2026-4698 CVE-2026-4699 CVE-2026-4700
                 CVE-2026-4701 CVE-2026-4702 CVE-2026-4704 CVE-2026-4705
                 CVE-2026-4706 CVE-2026-4707 CVE-2026-4708 CVE-2026-4709
                 CVE-2026-4710 CVE-2026-4713 CVE-2026-4714 CVE-2026-4715
                 CVE-2026-4716 CVE-2026-4717 CVE-2026-4718 CVE-2026-4719
                 CVE-2026-4720 CVE-2026-4721

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code or information disclosure.

For the oldstable distribution (bookworm), these problems have been
fixed in version 1:140.9.0esr-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in
version 1:140.9.0esr-1~deb13u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmnFjcpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RXOg/+MQNNYFRMbCISuNwyKOoS158I43kH/KNdQ2wYeCusB4uqb+QOzeqS9yfS
p3grvytpHPaZNh8FbJKB+7sVEHzIvVvURBXO7FUN4nqeHqsAqOc6taioDkQBff3V
xHV60UEKCMJuqJFqEWp2SAOs0k/+bPPrbV8/r/fnBgPhJ9i23Moloav8SRkKlS3Y
F1d7QxRu2njUKcgt5moZwvyELEYO7Ol1BM7v7YwWhW8FHtpAydXAnlMtH4Py/zRc
ETqdHD2ZzTon+GPYfDfBknu1saIHnDIizRJ7DZeY2mYTZFEZmGX2n6QyG6G6PvVu
JSjB31+2/dw++G1QTxvztn0eB606pfp+Y+f1sHgg/82O04hrnn7JCzqn/y8pfAmE
4iuMP0aLNsp4BH5sIuyMVZ184KyhcUixhe/HMWqaZuLAhpkHp6qxYJvhcvQcfFMz
0hnrvuPDutmVlN9sl+l4VGJ0G/egVRzUq6msuaYJbmuySvC/g3Z/w6ZWlUUF2gm8
dBq8nHL1RYZApsBpD8fxsOLLeFm5+oLOb5MwnW9cmu7g6UWbk5CuVo67XB8vDq7C
Pnuo/jFZhJVDyK1Fgl03AeZ+XJAfLZcdot533JZ72wQiD4Tg4szX0kDtxV0Z5gHU
03TIiM2WXOns2Or0tGNxu6QdykVv22Ot2IPGmBfN5KiuL63q6mQ=
=wdrg
-----END PGP SIGNATURE-----

Reply via email to