Home / mailings [SECURITY] [DSA 6179-1] thunderbird security update
Posted on 26 March 2026
Debian Security Advisory- -------------------------------------------------------------------------
Debian Security Advisory DSA-6179-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
March 26, 2026 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : thunderbird
CVE ID : CVE-2025-59375 CVE-2026-3889 CVE-2026-4371 CVE-2026-4684
CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688
CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692
CVE-2026-4693 CVE-2026-4694 CVE-2026-4695 CVE-2026-4696
CVE-2026-4697 CVE-2026-4698 CVE-2026-4699 CVE-2026-4700
CVE-2026-4701 CVE-2026-4702 CVE-2026-4704 CVE-2026-4705
CVE-2026-4706 CVE-2026-4707 CVE-2026-4708 CVE-2026-4709
CVE-2026-4710 CVE-2026-4713 CVE-2026-4714 CVE-2026-4715
CVE-2026-4716 CVE-2026-4717 CVE-2026-4718 CVE-2026-4719
CVE-2026-4720 CVE-2026-4721
Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code or information disclosure.
For the oldstable distribution (bookworm), these problems have been
fixed in version 1:140.9.0esr-1~deb12u1.
For the stable distribution (trixie), these problems have been fixed in
version 1:140.9.0esr-1~deb13u1.
We recommend that you upgrade your thunderbird packages.
For the detailed security status of thunderbird please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/thunderbird
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
