A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate . A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. Update: The mozilla-thunderbird-moztraybiff packages had the wrong release which prevented it to be upgraded . The new packages addresses this problem.