Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 201811-13 ] Mozilla Thunderbird
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Advocate
Advocate


Joined: 12 May 2004
Posts: 2189

PostPosted: Sat Nov 24, 2018 10:26 pm    Post subject: [ GLSA 201811-13 ] Mozilla Thunderbird Reply with quote

Gentoo Linux Security Advisory

Title: Mozilla Thunderbird: Multiple vulnerabilities (GLSA 201811-13)
Severity: normal
Exploitable: remote
Date: 2018-11-24
Bug(s): #651862, #656092, #660342, #669960, #670102
ID: 201811-13

Synopsis

Multiple vulnerabilities have been found in Mozilla Thunderbird,
the worst of which could lead to the execution of arbitrary code.


Background

Mozilla Thunderbird is a popular open-source email client from the
Mozilla project.


Affected Packages

Package: mail-client/thunderbird
Vulnerable: < 60.3.0
Unaffected: >= 60.3.0
Architectures: All supported architectures

Package: mail-client/thunderbird-bin
Vulnerable: < 60.3.0
Unaffected: >= 60.3.0
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
Please review the referenced Mozilla Foundation Security Advisories and
CVE identifiers below for details.


Impact

A remote attacker may be able to execute arbitrary code, cause a Denial
of Service condition, obtain sensitive information, or conduct Cross-Site
Request Forgery (CSRF).


Workaround

There is no known workaround at this time.

Resolution

All Thunderbird users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-60.3.0"
   
All Thunderbird binary users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose
      ">=mail-client/thunderbird-bin-60.3.0"
   


References

CVE-2017-16541
CVE-2018-12359
CVE-2018-12360
CVE-2018-12361
CVE-2018-12362
CVE-2018-12363
CVE-2018-12364
CVE-2018-12365
CVE-2018-12366
CVE-2018-12367
CVE-2018-12371
CVE-2018-12372
CVE-2018-12373
CVE-2018-12374
CVE-2018-12376
CVE-2018-12377
CVE-2018-12378
CVE-2018-12379
CVE-2018-12383
CVE-2018-12385
CVE-2018-12389
CVE-2018-12390
CVE-2018-12391
CVE-2018-12392
CVE-2018-12393
CVE-2018-5125
CVE-2018-5127
CVE-2018-5129
CVE-2018-5144
CVE-2018-5145
CVE-2018-5146
CVE-2018-5150
CVE-2018-5154
CVE-2018-5155
CVE-2018-5156
CVE-2018-5159
CVE-2018-5161
CVE-2018-5162
CVE-2018-5168
CVE-2018-5170
CVE-2018-5178
CVE-2018-5183
CVE-2018-5184
CVE-2018-5185
CVE-2018-5187
CVE-2018-5188
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum