This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============7081578837727663029==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="wVapSHkKgt5enrfcRmsOUj1RdkQguOFjD"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--wVapSHkKgt5enrfcRmsOUj1RdkQguOFjD
Content-Type: multipart/mixed; boundary="tdf5xwCTW3VJynGD1c4DTiTC41T5HClV8";
protected-headers="v1"
From: Chris Coulson
Reply-To: Ubuntu Security
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <974dfcec-e775-838b-5fd3-b2867ec373a2@canonical.com>
Subject: [USN-4028-1] Thunderbird vulnerabilities
--tdf5xwCTW3VJynGD1c4DTiTC41T5HClV8
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
==========================================================================
Ubuntu Security Notice USN-4028-1
June 20, 2019
thunderbird vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in Thunderbird.
Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client
Details:
Multiple memory safety issues were discovered in Thunderbird. If a user
were tricked in to opening a specially crafted message, an attacker could
potentially exploit these to cause a denial of service, or execute
arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
thunderbird 1:60.7.1+build1-0ubuntu0.19.04.1
Ubuntu 18.10:
thunderbird 1:60.7.1+build1-0ubuntu0.18.10.1
Ubuntu 18.04 LTS:
thunderbird 1:60.7.1+build1-0ubuntu0.18.04.1
Ubuntu 16.04 LTS:
thunderbird 1:60.7.1+build1-0ubuntu0.16.04.1
After a standard system update you need to restart Thunderbird to make
all the necessary changes.
References:
https://usn.ubuntu.com/4028-1
CVE-2019-11703, CVE-2019-11704, CVE-2019-11705, CVE-2019-11706
Package Information:
https://launchpad.net/ubuntu/+source/thunderbird/1:60.7.1+build1-0ubuntu0.19.04.1
https://launchpad.net/ubuntu/+source/thunderbird/1:60.7.1+build1-0ubuntu0.18.10.1
https://launchpad.net/ubuntu/+source/thunderbird/1:60.7.1+build1-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/thunderbird/1:60.7.1+build1-0ubuntu0.16.04.1
--tdf5xwCTW3VJynGD1c4DTiTC41T5HClV8--
--wVapSHkKgt5enrfcRmsOUj1RdkQguOFjD
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEERN//5MGgCOgyKeIFYR+97NWUbg8FAl0LoCkACgkQYR+97NWU
bg+9ZwgAprwLOjrFQEXZY9gnokN/NcOzDjllqP3u8jabm2criZG3Lyr4zfojl21m
nY5HrBBC3ReEfmklpTuP5WpNaFuxxhzguawAPnHa8IVzVlcd0UISM+5ImZCiCu91
DP4Dwo0kfsdQmx4d9EDu/PARf1Jyo8NHbWGwMBGTeLGc8c0gvBir1XsJb5lX1mEa
ekCjvprhlh1gJbWufwqcAFAmS3EIS6wW/ekU4iwcd4dspGwqXVNWBKlwDC2kkYNd
4HPit5N5taS8DW5BwwkcF2Llvjo8i3MSMcl0liNa6FKxPm7XqCiptTkXV7bBz98j
smJ2ZVZ9VCXuuKeTqlyiVwIt1I+t6w==
=OaQH
-----END PGP SIGNATURE-----
--wVapSHkKgt5enrfcRmsOUj1RdkQguOFjD--
--===============7081578837727663029==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK
--===============7081578837727663029==--
|