icedove - security update


Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, same-origin policy bypass issues, integer overflows, buffer overflows and use-after-frees may lead to the execution of arbitrary code or denial of service. For the stable distribution (jessie), these problems have been fixed in version 1:45.5.1-1~deb8u1. For the unstable distribution (sid), these problems have been fixed in version 1:45.5.1-1 or earlier. We recommend that you upgrade your icedove packages.

Affected Software

CPE Name Name Version
icedove 1:45.0~b4-1
icedove 1:45.0~b4-2
icedove 1:45.1.0-1
icedove 1:45.1.0-1~deb7u1
icedove 1:45.1.0-1~deb8u1
icedove 1:45.2.0-1
icedove 1:45.2.0-1~deb8u1
icedove 1:45.2.0-2
icedove 1:45.2.0-2~deb7u1
icedove 1:45.2.0-3
icedove 1:45.2.0-4
icedove 1:45.2~b1-1
icedove 1:45.3.0-1
icedove 1:45.3.0-1~deb7u1
icedove 1:45.3.0-1~deb8u1
icedove 1:45.4.0-1
icedove 1:45.4.0-1~deb7u1
icedove 1:45.4.0-1~deb8u1
icedove 1:45.5.0-1
icedove 1:45.5.1-1~deb7u1
icedove 31.6.0-1
icedove 31.7.0-1
icedove 31.7.0-1~deb7u1
icedove 31.7.0-1~deb8u1
icedove 31.8.0-1~deb7u1
icedove 31.8.0-1~deb8u1
icedove 31.8.0-1~deb8u1+kbsd11
icedove 32.0~b1-1
icedove 33.0~b1-1
icedove 34.0~b1-1
icedove 34.0~b1-2
icedove 36.0~b1-1
icedove 36.0~b1-2
icedove 38.0.1-1
icedove 38.0~b2-1
icedove 38.0~b5-1
icedove 38.1.0-1
icedove 38.2.0-1
icedove 38.2.0-1~stretch
icedove 38.2.0-2
icedove 38.3.0-1
icedove 38.3.0-1~deb7u1
icedove 38.3.0-1~deb8u1
icedove 38.3.0-2
icedove 38.4.0-1
icedove 38.4.0-1~deb7u1
icedove 38.4.0-1~deb8u1
icedove 38.5.0-1
icedove 38.5.0-1~deb7u1
icedove 38.5.0-1~deb8u1
icedove 38.6.0-1
icedove 38.6.0-1~deb7u1
icedove 38.6.0-1~deb8u1
icedove 38.7.0-1
icedove 38.7.0-1~deb7u1
icedove 38.7.0-1~deb8u1
icedove 38.7.0-1~deb8u2
icedove 38.7.0-1~deb8u3
icedove 38.7.2-1
icedove 38.8.0-1~deb7u1
icedove 38.8.0-1~deb7u1.1
icedove 38.8.0-1~deb8u1
icedove 40.0~b1-1
icedove 41.0~b2-1
icedove 42.0~b1-1
icedove 42.0~b2-1
icedove 43.0~b1-1
icedove 44.0~b1-1