[ALSA-2023:4955] thunderbird security update
Severity
Important
Affected Packages
2
CVEs
12
thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 102.15.0.
Security Fix(es):
- Mozilla: Memory corruption in IPC CanvasTranslator (CVE-2023-4573)
- Mozilla: Memory corruption in IPC ColorPickerShownCallback (CVE-2023-4574)
- Mozilla: Memory corruption in IPC FilePickerShownCallback (CVE-2023-4575)
- Mozilla: Memory corruption in JIT UpdateRegExpStatics (CVE-2023-4577)
- Mozilla: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 (CVE-2023-4584)
- Mozilla: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 (CVE-2023-4585)
- Mozilla: Full screen notification obscured by file open dialog (CVE-2023-4051)
- Mozilla: Full screen notification obscured by external program (CVE-2023-4053)
- Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception (CVE-2023-4578)
- Mozilla: Push notifications saved to disk unencrypted (CVE-2023-4580)
- Mozilla: XLL file extensions were downloadable without warnings (CVE-2023-4581)
- Mozilla: Browsing Context potentially not cleared when closing Private Window (CVE-2023-4583)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| Package | Affected Version |
|---|---|
 pkg:rpm/almalinux/thunderbird?arch=x86_64&distro=almalinux-9.2
|
< 102.15.0-1.el9_2.alma |
|
pkg:rpm/almalinux/thunderbird?arch=aarch64&distro=almalinux-9.2
|
< 102.15.0-1.el9_2.alma |
- ID
- ALSA-2023:4955
- Severity
- important
- URL
- https://errata.almalinux.org/ALSA-2023:4955.html
- Published
-
2023-09-04T00:00:00
(12 months ago) - Modified
-
2023-09-06T14:26:46
(12 months ago) - Rights
- Copyright 2023 AlmaLinux OS
- Other Advisories
-
-
ALAS2-2023-2248
-
ALPINE:CVE-2023-4051
-
ALPINE:CVE-2023-4053
-
ALPINE:CVE-2023-4573
-
ALPINE:CVE-2023-4574
-
ALPINE:CVE-2023-4575
-
ALPINE:CVE-2023-4577
-
ALPINE:CVE-2023-4578
-
ALPINE:CVE-2023-4580
-
ALPINE:CVE-2023-4581
-
ALPINE:CVE-2023-4583
-
ALPINE:CVE-2023-4584
-
ALPINE:CVE-2023-4585
-
ALSA-2023:4952
-
ALSA-2023:4954
-
ALSA-2023:4958
-
DSA-5485-1
-
DSA-5488-1
-
ELSA-2023-4945
-
ELSA-2023-4952
-
ELSA-2023-4954
-
ELSA-2023-4955
-
ELSA-2023-4958
-
ELSA-2023-5019
-
GLSA-202402-25
-
MFSA-2023-29
-
MFSA-2023-34
-
MFSA-2023-35
-
MFSA-2023-36
-
MFSA-2023-37
-
MFSA-2023-38
-
RHSA-2023:4945
-
RHSA-2023:4952
-
RHSA-2023:4954
-
RHSA-2023:4955
-
RHSA-2023:4958
-
RHSA-2023:5019
-
RLSA-2023:4952
-
RLSA-2023:4954
-
SSA:2023-242-01
-
SUSE-SU-2023:3519-1
-
SUSE-SU-2023:3559-1
-
SUSE-SU-2023:3562-1
-
SUSE-SU-2023:3664-1
-
USN-6267-1
-
USN-6320-1
-
USN-6368-1
-
USN-6405-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/almalinux/thunderbird?arch=x86_64&distro=almalinux-9.2 | almalinux |
thunderbird
|
< 102.15.0-1.el9_2.alma | almalinux-9.2 | x86_64 | |
| Affected | pkg:rpm/almalinux/thunderbird?arch=aarch64&distro=almalinux-9.2 | almalinux |
thunderbird
|
< 102.15.0-1.el9_2.alma | almalinux-9.2 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |