[SECURITY] [DSA 6152-1] thunderbird security update

Date: unknown

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6152-1] thunderbird security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Sat, 28 Feb 2026 13:31:23 +0000
Message-id: <[🔎] aaLuKxztPBNy-rx6@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6152-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
February 28, 2026                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : thunderbird
CVE ID         : CVE-2026-2757 CVE-2026-2758 CVE-2026-2759 CVE-2026-2761 
                 CVE-2026-2762 CVE-2026-2763 CVE-2026-2764 CVE-2026-2765 
                 CVE-2026-2766 CVE-2026-2767 CVE-2026-2768 CVE-2026-2769 
                 CVE-2026-2770 CVE-2026-2771 CVE-2026-2772 CVE-2026-2773 
                 CVE-2026-2774 CVE-2026-2775 CVE-2026-2776 CVE-2026-2777 
                 CVE-2026-2778 CVE-2026-2779 CVE-2026-2780 CVE-2026-2781 
                 CVE-2026-2782 CVE-2026-2783 CVE-2026-2784 CVE-2026-2785 
                 CVE-2026-2786 CVE-2026-2787 CVE-2026-2788 CVE-2026-2789 
                 CVE-2026-2790 CVE-2026-2791 CVE-2026-2792 CVE-2026-2793

Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code or information disclosure.

For the oldstable distribution (bookworm), these problems have been fixed
in version 1:140.8.0esr-1~deb12u1.

For the stable distribution (trixie), these problems have been fixed in
version 1:140.8.0esr-1~deb13u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmmi7E4ACgkQEMKTtsN8
TjZZMw//V7lJEYu5Nz2n9pmDjR6OwC4OKOM9DIYTRFb3Z6pZwao6kKQkxjiK9sBQ
1MLKWyVlSlzFy56D5+AMg6ERUP0TVeYiC/XJmu2lOaOJmuDYWBRQhKlMVmM+0ScM
z2EmXjajvZ/zFLu0O0k4wJIogmpRX8Aj677YOjOdzeiiC63NJwphucneWioCuxTD
gdPrVVO9oprPVCW/aEbK0fHID8DJvD2pPHERdajqMiG9nsCFhDOytCpT/BdcZcAH
FGiHyhRUWSAaivUpI9Q8qDnHnSrXaYMZS/P09g59lJ7pZP3Dw+Yjan9eT269U0cc
fr0hel4AgbpUQSpN7PHFjXOb8mQYyI40P91UXgzR88SGlp8fgrYuRbpjMWfnwqm3
9JYpHhcH/3ZwqPtK2993pIiZQpC7a4j/u8MDiQlGFL+Ww6xajEka5ETlDjad203D
QhKYJi4iwk6sAA08rySlQ3gG38h8VnF+6z//Yg1QViJprJeGWT/GnH/fcjqYL2KM
YviY2l3bE9+jLl3HBBBRF92GvRZOOW12AdJv4FSAlSRHvt3kf+iAhACzxJF9VfER
CF7mkqzNxsaTnraeKHnIYUb7wO+0217D1Tu38W3I5rZw0SMKwiA2TVzPIWSFgpqo
BQ/LrwAgtZlv4vY0iYrhSUg9Z5MKiwGiTJn88onyzIn5wAaXGbY=
=UFLF
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6151-1] chromium security update
Next by Date: [SECURITY] [DSA 6153-1] lxd security update
Previous by thread: [SECURITY] [DSA 6151-1] chromium security update
Next by thread: [SECURITY] [DSA 6153-1] lxd security update
Index(es):
- Date
- Thread