-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 06 Feb 2025 17:44:29 +0100
Source: thunderbird
Binary: thunderbird thunderbird-dbgsym
Architecture: arm64
Version: 1:128.7.0esr-1~deb12u1
Distribution: bookworm-security
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Christoph Goehre <chris@sigxcpu.org>
Description:
 thunderbird - mail/news client with RSS, chat and integrated spam filter suppor
Changes:
 thunderbird (1:128.7.0esr-1~deb12u1) bookworm-security; urgency=medium
 .
   * [4a9ef4c] New upstream version 128.7.0esr
     Fixed CVE issues in upstream version 128.7 (MFSA 2025-10):
     CVE-2025-1009: Use-after-free in XSLT
     CVE-2025-1010: Use-after-free in Custom Highlight
     CVE-2025-1011: A bug in WebAssembly code generation could result in a
                    crash
     CVE-2025-1012: Use-after-free during concurrent delazification
     CVE-2024-11704: Potential double-free vulnerability in PKCS#7 decryption
                     handling
     CVE-2025-1013: Potential opening of private browsing tabs in normal
                    browsing windows
     CVE-2025-1014: Certificate length was not properly checked
     CVE-2025-1015: Unsanitized address book fields
     CVE-2025-0510: Address of e-mail sender can be spoofed by malicious email
     CVE-2025-1016: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
                    Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20,
                    and Thunderbird 128.7
     CVE-2025-1017: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
                    Firefox ESR 128.7, and Thunderbird 128.7
Checksums-Sha1:
 aa585d0638d55584491aa6b5e2962657fe14e752 461433824 thunderbird-dbgsym_128.7.0esr-1~deb12u1_arm64.deb
 df7e8eb2046a8129ba3f3162182834d3750ed3d2 20205 thunderbird_128.7.0esr-1~deb12u1_arm64-buildd.buildinfo
 7ac8b727e131ddf0926741a663e07a4fd75f2a4e 58036428 thunderbird_128.7.0esr-1~deb12u1_arm64.deb
Checksums-Sha256:
 89aa04b9faa48fa960eba67817f0cf9edd7828ba9b355bebc904652b3bda57cb 461433824 thunderbird-dbgsym_128.7.0esr-1~deb12u1_arm64.deb
 eb5b1544b4b9e1ddbb62b782a56b3e1322c41de70e997efdf1dfb80585f5ebda 20205 thunderbird_128.7.0esr-1~deb12u1_arm64-buildd.buildinfo
 3d03324ab309ee86e3af37e25741ea92b514d2fa78eec1f44ec4e1a0fd3bcd3f 58036428 thunderbird_128.7.0esr-1~deb12u1_arm64.deb
Files:
 c6ee43b3b364124793a9aca538ccfac5 461433824 debug optional thunderbird-dbgsym_128.7.0esr-1~deb12u1_arm64.deb
 bb292d51fb4757bd8d01a4450c22fbe2 20205 mail optional thunderbird_128.7.0esr-1~deb12u1_arm64-buildd.buildinfo
 ecb3237d6b79091c8fd207131fd6480a 58036428 mail optional thunderbird_128.7.0esr-1~deb12u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEVM4SKBZumztS8zr3lST9Us03ywsFAmelKCsACgkQlST9Us03
yws74A/+MYc0MScoKW7hKgiYFX6NLKT6DuDDZ3YLhfd9g55nPU3pIy8pwyEpuGw7
vU3uldk8KvLtG5NoS2SoJmMQehA2i0aCijajvgjKqRKH0IQOxRsyZBgbMuoB8T2v
SeFE21D2gmX67KVxlrvsH4E+t8D6mXGbuh/9gzODKUkxx0ah9g/feB6k+crkg2vV
hVidPDnYZMm/NBZiG1q3QuzdJpf1H75ncTDIhQf/SLeOul60OpCpiYHau7Y21MJr
pdrHgoiyidLjlCFXVtjSeqjgx41itH1iP5CiDmEyac4F4Bfc1JH6ZTYp33zcEqoS
mPl4PmWl0QH43wYmRPsgZ7SO6VyF01IJmADLMbmRjbD3RdqqNtqrj9E5YPXQVTiJ
nurFhI6WDiXUjILkJdxV7TXxCwG6MPC1+FMfRxPJHafar5+3nGvMQiFCHJeipHT3
0Y3NYsYhsoVj47jGHJ52I7naXBg5e8DWc+uEpAzNcJW5+djIw2EdU7HOY+lnhgTU
9ITq6hIdW+bNtrKMY6cnRl3pID/w85ZDKxAo5mIUHN5GNhAHrqpjWRiTQP38wTdv
JAW+P0ROL6nMlxVVwlYORzgoJ5ZpuLvXVDvInZcMhEa7UnFoe/xDDL7E4+iArr6z
uDn1AYfESs8+oqv0TfsyEAy+9xxxZ5nPUrMgt2dXh9u6AooO6SU=
=JSaW
-----END PGP SIGNATURE-----