The security update covers many vulnerabilities in Thunderbird mail client which allows an attacker to execute arbitrary code execution or denial of service.
The vulnerabilities can be detected as CVE-2018-18506, CVE-2019-9788, CVE-2019-9790, CVE-2019-9791, CVE-2019-9792, CVE-2019-9793, CVE-2019-9795, 2019-9796
All security issues are treated with 1 version: 60.6.1-1 ~ deb9u1, so users are advised to update their thunderbird packages.
Twig is a template engine for PHP and fails to enforce sandboxing that results in possible disclosure of information.
Vulnerability has been fixed with version 1.24.0-2 + deb9u1.
Vulnerability is found on the Dovecot email server when reading the FTS or POP3-UIDL headers from the Dovecot index.
There is no Bounds index, which allows an attacker to modify dovecot indexes, leading to escalation of privileges or execute arbitrary code with dovecot user permissions.
The installation using FTS or pop3 migration plugins is affected by the vulnerability and has been repaired on version 1: 2.2.27-3 + deb9u4.
You can get the latest security updates using the apt package manager. Before you run the apt command, add the repository to the source list.
Add /etc/apt/sources.list and update apt-get update && apt-get upgrade.
How useful was this post?
Average rating / 5. Vote count:
No votes so far! Be the first to rate this post.