Home / mailings [SECURITY] [DSA 6152-1] thunderbird security update
Posted on 28 February 2026
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-6152-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 28, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : thunderbird
CVE ID : CVE-2026-2757 CVE-2026-2758 CVE-2026-2759 CVE-2026-2761
CVE-2026-2762 CVE-2026-2763 CVE-2026-2764 CVE-2026-2765
CVE-2026-2766 CVE-2026-2767 CVE-2026-2768 CVE-2026-2769
CVE-2026-2770 CVE-2026-2771 CVE-2026-2772 CVE-2026-2773
CVE-2026-2774 CVE-2026-2775 CVE-2026-2776 CVE-2026-2777
CVE-2026-2778 CVE-2026-2779 CVE-2026-2780 CVE-2026-2781
CVE-2026-2782 CVE-2026-2783 CVE-2026-2784 CVE-2026-2785
CVE-2026-2786 CVE-2026-2787 CVE-2026-2788 CVE-2026-2789
CVE-2026-2790 CVE-2026-2791 CVE-2026-2792 CVE-2026-2793
Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code or information disclosure.
For the oldstable distribution (bookworm), these problems have been fixed
in version 1:140.8.0esr-1~deb12u1.
For the stable distribution (trixie), these problems have been fixed in
version 1:140.8.0esr-1~deb13u1.
We recommend that you upgrade your thunderbird packages.
For the detailed security status of thunderbird please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
