[ALSA-2024:0602] thunderbird security update
Severity
Important
Affected Packages
2
CVEs
9
thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.7.0.
Security Fix(es):
- Mozilla: Out of bounds write in ANGLE (CVE-2024-0741)
- Mozilla: Failure to update user input timestamp (CVE-2024-0742)
- Mozilla: Crash when listing printers on Linux (CVE-2024-0746)
- Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set (CVE-2024-0747)
- Mozilla: Phishing site popup could show local origin in address bar (CVE-2024-0749)
- Mozilla: Potential permissions request bypass via clickjacking (CVE-2024-0750)
- Mozilla: Privilege escalation through devtools (CVE-2024-0751)
- Mozilla: HSTS policy on subdomain could bypass policy of upper domain (CVE-2024-0753)
- Mozilla: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7 (CVE-2024-0755)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/almalinux/thunderbird?arch=x86_64&distro=almalinux-9.3 | < 115.7.0-1.el9_3.alma |
pkg:rpm/almalinux/thunderbird?arch=aarch64&distro=almalinux-9.3 | < 115.7.0-1.el9_3.alma |
- ID
- ALSA-2024:0602
- Severity
- important
- URL
- https://errata.almalinux.org/ALSA-2024:0602.html
- Published
-
2024-01-30T00:00:00
(7 months ago) - Modified
-
2024-02-01T10:12:30
(7 months ago) - Rights
- Copyright 2024 AlmaLinux OS
- Other Advisories
-
- ALAS2-2024-2440
- ALPINE:CVE-2024-0741
- ALPINE:CVE-2024-0742
- ALPINE:CVE-2024-0746
- ALPINE:CVE-2024-0747
- ALPINE:CVE-2024-0750
- ALPINE:CVE-2024-0751
- ALPINE:CVE-2024-0753
- ALPINE:CVE-2024-0755
- ALSA-2024:0603
- ALSA-2024:0608
- ALSA-2024:0609
- DSA-5605-1
- DSA-5606-1
- ELSA-2024-0600
- ELSA-2024-0601
- ELSA-2024-0602
- ELSA-2024-0603
- ELSA-2024-0608
- ELSA-2024-0609
- GLSA-202402-25
- GLSA-202402-26
- MFSA-2024-01
- MFSA-2024-02
- MFSA-2024-04
- RHSA-2024:0600
- RHSA-2024:0601
- RHSA-2024:0602
- RHSA-2024:0603
- RHSA-2024:0608
- RHSA-2024:0609
- RLSA-2024:0608
- RLSA-2024:0609
- SSA:2024-023-01
- SSA:2024-023-02
- SUSE-SU-2024:0211-1
- SUSE-SU-2024:0228-1
- SUSE-SU-2024:0229-1
- SUSE-SU-2024:0242-1
- USN-6610-1
- USN-6669-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/almalinux/thunderbird?arch=x86_64&distro=almalinux-9.3 | almalinux | thunderbird | < 115.7.0-1.el9_3.alma | almalinux-9.3 | x86_64 | |
Affected | pkg:rpm/almalinux/thunderbird?arch=aarch64&distro=almalinux-9.3 | almalinux | thunderbird | < 115.7.0-1.el9_3.alma | almalinux-9.3 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |