Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 201904-07 ] Mozilla Thunderbird and Firefox
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Advocate
Advocate


Joined: 12 May 2004
Posts: 2226

PostPosted: Tue Apr 02, 2019 11:26 am    Post subject: [ GLSA 201904-07 ] Mozilla Thunderbird and Firefox Reply with quote

Gentoo Linux Security Advisory

Title: Mozilla Thunderbird and Firefox: Multiple vulnerabilities (GLSA 201904-07)
Severity: normal
Exploitable: remote
Date: 2019-04-02
Bug(s): #676954, #678072, #681834, #681836
ID: 201904-07

Synopsis

Multiple vulnerabilities have been found in Mozilla Thunderbird and
Firefox, the worst of which could lead to the execution of arbitrary code.


Background

Mozilla Thunderbird is a popular open-source email client from the
Mozilla project.
Mozilla Firefox is a popular open-source web browser from the Mozilla
Project.


Affected Packages

Package: mail-client/thunderbird
Vulnerable: < 60.6.1
Unaffected: >= 60.6.1
Architectures: All supported architectures

Package: mail-client/thunderbird-bin
Vulnerable: < 60.6.1
Unaffected: >= 60.6.1
Architectures: All supported architectures

Package: www-client/firefox
Vulnerable: < 60.6.1
Unaffected: >= 60.6.1
Architectures: All supported architectures

Package: www-client/firefox-bin
Vulnerable: < 60.6.1
Unaffected: >= 60.6.1
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Mozilla Thunderbird and
Firefox. Please review the referenced Mozilla Foundation Security
Advisories and CVE identifiers below for details.


Impact

Please review the referenced Mozilla Foundation Security Advisories and
CVE identifiers below for details.


Workaround

There is no known workaround at this time.

Resolution

All Thunderbird users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-60.6.1"
   
All Thunderbird bin users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose
      ">=mail-client/thunderbird-bin-60.6.1"
   
All Firefox users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose ">=www-client/firefox-60.6.1"
   
All Firefox bin users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-60.6.1"
   


References

CVE-2016-5824
CVE-2018-18335
CVE-2018-18356
CVE-2018-18500
CVE-2018-18501
CVE-2018-18505
CVE-2018-18506
CVE-2018-18509
CVE-2018-18512
CVE-2018-18513
CVE-2019-5785
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9795
CVE-2019-9796
CVE-2019-9810
CVE-2019-9813
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum