Debian 10225 Published by

The following updates has been released for Debian GNU/Linux 8 LTS:

DLA 1836-1: thunderbird security update
DLA 1837-1: rdesktop security update



DLA 1836-1: thunderbird security update




Package : thunderbird
Version : 1:60.7.2-1~deb8u1
CVE ID : CVE-2019-11707 CVE-2019-11708

Multiple security issues have been found in Thunderbird which may lead
to the execution of arbitrary code if malformed email messages are read.

For Debian 8 "Jessie", these problems have been fixed in version
1:60.7.2-1~deb8u1.

We recommend that you upgrade your thunderbird packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


DLA 1837-1: rdesktop security update




Package : rdesktop
Version : 1.8.6-0+deb8u1
Debian Bug : 930387


Several security vulnerabilities were discovered in the rdesktop RDP
client, which could result in buffer overflows and execution of
arbitrary code.

For Debian 8 "Jessie", this problem has been fixed in version
1.8.6-0+deb8u1.

We recommend that you upgrade your rdesktop packages.


For the detailed security status of rdesktop please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/rdesktop

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS