Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 518
Alerts This Week
Warning Icon 1 518

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 31 articles for you...
197

Debian 7: DLA-1087-2 Critical: Icedove/Thunderbird Buffer Overflow Issue

The update for icedove/thunderbird issued as DLA-1087-1 did not build on i386. This update corrects this. For reference, the original advisory text follows. . Package : icedove Version : 1:52.3.0-4~deb7u2 The update for icedove/thunderbird issued as DLA-1087-1 did not build on i386. This update corrects this. For reference, the original advisory text follows. Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. For Debian 7 "Wheezy", these problems have been fixed in version 1:52.3.0-4~deb7u2. We recommend that you upgrade your icedove packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Enhance icedove/thunderbird to resolve significant vulnerabilities and prevent memory safeties as well as buffer overflow concerns.. Debian LTS, icedove updates, thunderbird security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Sep 07, 2017 Critical Debian LTS
197

Debian Wheezy DLA-1087-1: Critical Icedove Buffer Overflow Advisory

Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. . Package : icedove Version : 1:52.3.0-4~deb7u1 CVE ID : CVE-2017-7753 CVE-2017-7779 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-7809 Multiple security issues have been found in the Mozilla Thunderbird mail client: Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitrary code or spoofing. For Debian 7 "Wheezy", these problems have been fixed in version 1:52.3.0-4~deb7u1. We recommend that you upgrade your icedove packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Enhance icedove on Debian Wheezy to address several memory and implementation vulnerabilities leading to potential code execution exploits.. icedove security update, thunderbird vulnerabilities, debian advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Sep 05, 2017 Critical Debian LTS
87

Debian: DSA-3919-1 Severe: Icedove Remote Code Execution

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases (ESR) of Thunderbird. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3918-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff July 25, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2017-5470 CVE-2017-5472 CVE-2017-7749 CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7756 CVE-2017-7757 CVE-2017-7758 CVE-2017-7764 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778 Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases (ESR) of Thunderbird. Support for the 45.x series has ended, so starting with this update we're now following the 52.x releases. For the oldstable distribution (jessie), these problems have been fixed in version 1:52.2.1-4~deb8u1. For the stable distribution (stretch), these problems have been fixed in version 1:52.2.1-4~deb9u1. We recommend that you upgrade your icedove packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian security advisories highlight essential patches for Icedove and Thunderbird to address remote code execution vulnerabilities. Update now for safety.. Icedove Security Patch, Thunderbird Update, Debian Security Advisory. . Severity:Critical. LinuxSecurity.com Team

Calendar%202 Jul 25, 2017 Critical Debian
87

Debian Jessie DSA-3832-1 Moderate: Icedove Code Execution Threat

Multiple security issues have been found in Thunderbird, which may may lead to the execution of arbitrary code or information leaks. With this update, the Icedove packages are de-branded back to the official . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3832-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff April 20, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5383 CVE-2017-5390 CVE-2017-5396 CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410 Multiple security issues have been found in Thunderbird, which may may lead to the execution of arbitrary code or information leaks. With this update, the Icedove packages are de-branded back to the official Mozilla branding. With the removing of the Debian branding the packages are also renamed back to the official names used by Mozilla. The Thunderbird package is using a different default profile folder, the default profile folder is now '$(HOME)/.thunderbird'. The users profile folder, that was used in Icedove, will get migrated to the new profile folder on the first start, that can take a little bit more time. Please read README.Debian for getting more information about the changes. For the stable distribution (jessie), these problems have been fixed in version 1:45.8.0-3~deb8u1. We recommend that you upgrade your icedove packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list:This email address is being protected from spambots. You need JavaScript enabled to view it. . Several vulnerabilities identified in Icedove could result in code execution or data exposure; prompt update advised.. Debian Security, Icedove Threat, Code Execution Update. . LinuxSecurity.com Team

Calendar%202 Apr 20, 2017 Debian
87

Debian: DSA-3757-1 Critical: Icedove Code Execution Threat

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple vulnerabilities may lead to the execution of arbitrary code, data leakage or bypass of the content security policy. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3757-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff January 11, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2016-9893 CVE-2016-9895 CVE-2016-9897 CVE-2016-9898 CVE-2016-9899 CVE-2016-9900 CVE-2016-9904 CVE-2016-9905 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple vulnerabilities may lead to the execution of arbitrary code, data leakage or bypass of the content security policy. For the stable distribution (jessie), these problems have been fixed in version 1:45.6.0-1~deb8u1. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your icedove packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance Icedove to resolve several vulnerabilities, which could potentially result in unauthorized data exposure and execution of arbitrary code.. Icedove Update Policy, Debian Security Patches, Mozilla Thunderbird Issues. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jan 11, 2017 Critical Debian
87

Debian 8: DSA-3690-1 Critical: Icedove DoS Risk from Memory Errors

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3690-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff October 10, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2016-5257 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. For the stable distribution (jessie), this problem has been fixed in version 1:45.4.0-1~deb8u1. For the testing distribution (stretch), this problem has been fixed in version 1:45.4.0-1. For the unstable distribution (sid), this problem has been fixed in version 1:45.4.0-1. We recommend that you upgrade your icedove packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Thunderbird security patch resolves severe memory vulnerabilities in the Debian email application to mitigate potential code execution threats.. Icedove Update, Debian Security Advisory, Email Client Security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Oct 10, 2016 Critical Debian
87

Debian 8: DSA-3686-1 Critical Update: Icedove Memory Safety Issues

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3686-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff October 04, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2016-2836 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. For the stable distribution (jessie), this problem has been fixed in version 1:45.3.0-1~deb8u1. For the unstable distribution (sid), this problem has been fixed in version 1:45.3.0-1. We recommend that you upgrade your icedove packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Vulnerabilities detected in Icedove could lead to unauthorized code execution or system outages. Immediate patching advised.. Icedove Update, Debian DSA-3686-1, Mozilla Thunderbird Exploits. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Oct 04, 2016 Critical Debian
87

Debian Jessie DSA-3647-1 Critical: Icedove Memory Safety Threats

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3647-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff August 11, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2016-2818 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. For the stable distribution (jessie), this problem has been fixed in version 1:45.2.0-1~deb8u1. For the testing distribution (stretch), this problem has been fixed in version 1:45.2.0-2. For the unstable distribution (sid), this problem has been fixed in version 1:45.2.0-2. We recommend that you upgrade your icedove packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Essential patches for Debian's Icedove address memory vulnerabilities that might permit arbitrary code execution and denial-of-service (DOS) incidents.. Debian Icedove Security Update, Memory Safety Threats, Icedove Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Aug 11, 2016 Critical Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200