Ubuntu
thunderbird package

  1. Bug #199412
  2. Comment #0

Comment 0 for bug 199412

Revision history for this message
disabled.user (disabled.user-deactivatedaccount) wrote :

Binary package hint: thunderbird

It seems like the latest USN for Thunderbird (see USN-582-1 and USN-582-2) misses a fix for CVE-2008-0591 when compared to:
- DSA-1485-1 (http://www.debian.org/security/2008/dsa-1485)
- MDVSA-2008:062 (http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:062)

If Ubuntu's Thunderbird is not affected by CVE-2008-0591, then sorry for reporting this, but I thought "better save than sorry".