[ALSA-2023:7501] thunderbird security update
Severity
Important
Affected Packages
2
CVEs
7
thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.5.0.
Security Fix(es):
- Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)
- Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)
- Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)
- Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)
- Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)
- Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)
- Mozilla: Incorrect parsing of relative URLs starting with "///" (CVE-2023-6209)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/almalinux/thunderbird?arch=x86_64&distro=almalinux-9.3 | < 115.5.0-1.el9_3.alma |
pkg:rpm/almalinux/thunderbird?arch=aarch64&distro=almalinux-9.3 | < 115.5.0-1.el9_3.alma |
- ID
- ALSA-2023:7501
- Severity
- important
- URL
- https://errata.almalinux.org/ALSA-2023:7501.html
- Published
-
2023-11-27T00:00:00
(9 months ago) - Modified
-
2023-11-29T17:32:56
(9 months ago) - Rights
- Copyright 2023 AlmaLinux OS
- Other Advisories
-
- ALAS2-2024-2379
- ALPINE:CVE-2023-6204
- ALPINE:CVE-2023-6205
- ALPINE:CVE-2023-6206
- ALPINE:CVE-2023-6207
- ALPINE:CVE-2023-6208
- ALPINE:CVE-2023-6209
- ALPINE:CVE-2023-6212
- ALSA-2023:7500
- ALSA-2023:7507
- ALSA-2023:7508
- DSA-5561-1
- DSA-5566-1
- ELSA-2023-7500
- ELSA-2023-7501
- ELSA-2023-7505
- ELSA-2023-7507
- ELSA-2023-7508
- ELSA-2023-7509
- GLSA-202402-25
- MFSA-2023-49
- MFSA-2023-50
- MFSA-2023-52
- RHSA-2023:7500
- RHSA-2023:7501
- RHSA-2023:7505
- RHSA-2023:7507
- RHSA-2023:7508
- RHSA-2023:7509
- RLSA-2023:7500
- SSA:2023-325-02
- SSA:2023-326-01
- SUSE-SU-2023:4588-1
- SUSE-SU-2023:4912-1
- SUSE-SU-2023:4928-1
- SUSE-SU-2023:4929-1
- USN-6509-1
- USN-6515-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/almalinux/thunderbird?arch=x86_64&distro=almalinux-9.3 | almalinux | thunderbird | < 115.5.0-1.el9_3.alma | almalinux-9.3 | x86_64 | |
Affected | pkg:rpm/almalinux/thunderbird?arch=aarch64&distro=almalinux-9.3 | almalinux | thunderbird | < 115.5.0-1.el9_3.alma | almalinux-9.3 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |