Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

Debian Jessie DSA-3832-1 Moderate: Icedove Code Execution Threat

debian
Calendar Grey April 20, 2017
Scroller Debian
Several vulnerabilities identified in Icedove could result in code execution or data exposure; prompt update advised.
Multiple security issues have been found in Thunderbird, which may may lead to the execution of arbitrary code or information leaks

Summary

Multiple security issues have been found in Thunderbird, which may may
lead to the execution of arbitrary code or information leaks.

With this update, the Icedove packages are de-branded back to the official
Mozilla branding. With the removing of the Debian branding the packages
are also renamed back to the official names used by Mozilla.

The Thunderbird package is using a different default profile folder,
the default profile folder is now '$(HOME)/.thunderbird'.
The users profile folder, that was used in Icedove, will get migrated
to the new profile folder on the first start, that can take a little bit
more time.

Please read README.Debian for getting more information about the
changes.

For the stable distribution (jessie), these problems have been fixed in
version 1:45.8.0-3~deb8u1.

We recommend that you upgrade your icedove packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org...

Read the Full Advisory

Package: icedove
CVE ID: CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.