[SECURITY] [DSA 4790-1] thunderbird security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4790-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 12, 2020 https://www.debian.org/security/faq - - Package: thunderbird CVE ID : CVE-2020-26950 A use-after-free was found in Thunderbird, which could potentially result in the execution of arbitrary code. For the stable distribution (buster), this problem has been fixed in version 1:78.4.2-1~deb10u1. We recommend that you upgrade your thunderbird packages. For the detailed security status of thunderbird please refer to its security tracker page at: https://security-tracker.debian.org/tracker/thunderbird Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl+tq3MACgkQEMKTtsN8 TjYG4A/+INHoCgLQrkcwfs1DdD23DkC89F0ixUim0mN5QCMHrbODUBKTDczBH8Bt is9lFLWGZTer2iC+RetB3o0tfw2fyUShdh/Tg3PQ9dPHjXsuhcA+8x5tClmvX22o +e67JvzJpTKHIsQY9Z+T+7q+nzRv2xRecr88m14dqbBmkhBoGxQqx9bBsGMWCTke EKlT9heFIJt3kLREShH/9T2slQpzmrExMGhhsslqG9v34OLwHDk06YtRYH7U0b98 2qVxflvrdxuF4VF6oe7LLjDU54f8Q4js4VfF3AskXjSyVdqFP5MDtk9M1s/xr/xh 588K5DT6hyAydZxGGBho55V0coC/J3ZNUwmNKm0WtZPhX3Gb6Hi/w1NyqQObC2to 0WxFeSyly9rMWkZSdjCpQ5TxOUMIde+MPbuAiFs6ypMxtCEvH/DZVZ9jAEUOHS2M spsshqj3oqyqB/wDKP/RxERK/d6kZ9Xhom3vp0l77RBULHLT2EsnBGGpjyu7B6+d DxrY3kOwwjoYgZEwblyQo/1gP0Of/k7CZ2Y4cEx8KBvxPPrhTIxX4ID8uD/oz4Vb s0N66Pm7lIo77PgWJhJcowYPX65IgWtIbAuSWzZD2Ap8flfc1f3rDTv+HgWYUZvO ysBakw64Z6AU8K3Ie112io71GjCohLR8SNx32kC0MWZymSGO5co= =4Jb+ -END PGP SIGNATURE-
[SECURITY] [DSA 4789-1] codemirror-js security update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4789-1 secur...@debian.org https://www.debian.org/security/ Sebastien Delafond November 12, 2020 https://www.debian.org/security/faq - - Package: codemirror-js CVE ID : CVE-2020-7760 It was discovered that codemirror, a browser-based text editor implemented in JavaScript, was vulnerable to regular expression denial-of-service. For the stable distribution (buster), this problem has been fixed in version 5.43.0-1+deb10u1. We recommend that you upgrade your codemirror-js packages. For the detailed security status of codemirror-js please refer to its security tracker page at: https://security-tracker.debian.org/tracker/codemirror-js Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -BEGIN PGP SIGNATURE- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAl+s4JYACgkQEL6Jg/PV nWRV8Qf+NJ+kRDqWLNVxDghRi7adRYolBtjybDCdj8XALH2phRJwpMr6brXzRiKM Phj8t7soLRcLb+YG4lLfB1xd1dEqiuLwjNwWCjNpJAvMU7zWuqFpjVOWfVmH0vFg iiRsGeYqt6QfV52eDk6QcLx+CwKJqA4RDcwdoxe1jb7yH/i3glf2sPetfQfZTtyd myG40AV6EdFlSqPHCj89Kqbo2u+a9FFr0hodshEz/4wRa0yIUm8GVzRh6BPWN/hn fMp3PPRq0eXaErvChJpnviSqDHB0A3xoKo8VjVG6EDwoI7aNfjHrL+z/VEZxppdV YUHw0CVN6h5APoUiKlDdcD6/p3ASOw== =XlO6 -END PGP SIGNATURE-