icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove
mail client, an unbranded version of the Thunderbird mail client. The
Common Vulnerabilities and Exposures project identifies the following
problems:

• CVE-2009-2408
  Dan Kaminsky and Moxie Marlinspike discovered that icedove does not
  properly handle a ‘\0’ character in a domain name in the subject’s
  Common Name (CN) field of an X.509 certificate (MFSA 2009-42).
• CVE-2009-2404
  Moxie Marlinspike reported a heap overflow vulnerability in the code
  that handles regular expressions in certificate names (MFSA 2009-43).
• CVE-2009-2463
  monarch2020 discovered an integer overflow in a base64 decoding function
  (MFSA 2010-07).
• CVE-2009-3072
  Josh Soref discovered a crash in the BinHex decoder (MFSA 2010-07).
• CVE-2009-3075
  Carsten Book reported a crash in the JavaScript engine (MFSA 2010-07).
• CVE-2010-0163
  Ludovic Hirlimann reported a crash indexing some messages with
  attachments, which could lead to the execution of arbitrary code
  (MFSA 2010-07).

For the stable distribution (lenny), these problems have been fixed in
version 2.0.0.24-0lenny1.

Due to a problem with the archive system it is not possible to release
all architectures. The missing architectures will be installed into the
archive once they become available.

For the testing distribution (squeeze) and the unstable distribution (sid),
these problems will be fixed soon.

We recommend that you upgrade your icedove packages.