[FEDORA-2010-11379] Fedora 13: thunderbird, sunbird
Severity
Critical
Affected Packages
2
CVEs
11
Update to new upstream Thunderbird version 3.1.1, fixing multiple security
issues detailed in the upstream advisories:
http://www.mozilla.org/security/announce/ Update also includes sunbird
package rebuilt against new version of Thunderbird.
| Package | Affected Version |
|---|---|
 pkg:rpm/fedora/thunderbird?distro=fedora-13
|
< 3.1.1.1.fc13 |
|
pkg:rpm/fedora/sunbird?distro=fedora-13
|
< 1.0.0.26.b2pre.fc13 |
- ID
- FEDORA-2010-11379
- Severity
- critical
- Severity from
- CVE-2010-1205
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2010-11379
- Published
-
2010-07-23T02:48:57
(14 years ago) - Modified
-
2010-07-23T02:48:57
(14 years ago) - Rights
- Copyright 2010 Red Hat, Inc.
- Other Advisories
-
-
ELSA-2010-0534
-
ELSA-2010-0547
-
FEDORA-2010-10557
-
FEDORA-2010-10592
-
FEDORA-2010-10776
-
FEDORA-2010-10793
-
FEDORA-2010-10823
-
FEDORA-2010-10833
-
FEDORA-2010-11327
-
FEDORA-2010-11345
-
FEDORA-2010-11361
-
FEDORA-2010-11363
-
FEDORA-2010-11375
-
FREEBSD:8C2EA875-9499-11DF-8E32-000F20797EDE
-
FREEBSD:EDEF3F2F-82CF-11DF-BCCE-0018F3E2EB82
-
GLSA-201010-01
-
GLSA-201301-01
-
GLSA-201412-08
-
GLSA-201412-11
-
SSA:2010-180-01
-
USN-930-4
-
USN-957-1
-
USN-958-1
-
USN-960-1
-
VU:643615
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 615466 | Bug #615466 - CVE-2010-2753 Mozilla nsTreeSelection dangling pointer remote code execution vulnerability |
|
| Bugzilla | 608238 | Bug #608238 - CVE-2010-1205 libpng: out-of-bounds memory write |
|
| Bugzilla | 568231 | Bug #568231 - CVE-2010-0654 firefox: cross-domain information disclosure |
|
| Bugzilla | 615471 | Bug #615471 - CVE-2010-1213 Mozilla Cross-origin data disclosure via Web Workers and importScripts |
|
| Bugzilla | 615472 | Bug #615472 - CVE-2010-1207 Mozilla Same-origin bypass using canvas context |
|
| Bugzilla | 615455 | Bug #615455 - CVE-2010-1211 Mozilla miscellaneous memory safety hazards |
|
| Bugzilla | 615488 | Bug #615488 - CVE-2010-2754 Mozilla Cross-origin data leakage from script filename in error messages |
|
| Bugzilla | 615456 | Bug #615456 - CVE-2010-1212 Mozilla miscellaneous memory safety hazards |
|
| Bugzilla | 615463 | Bug #615463 - CVE-2010-1215 Mozilla Arbitrary code execution using SJOW and fast native function |
|
| Bugzilla | 615464 | Bug #615464 - CVE-2010-2752 Mozilla nsCSSValue::Array index integer overflow |
|
| Bugzilla | 615474 | Bug #615474 - CVE-2010-1210 Mozilla Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/fedora/thunderbird?distro=fedora-13 | fedora |
thunderbird
|
< 3.1.1.1.fc13 | fedora-13 | ||
| Affected | pkg:rpm/fedora/sunbird?distro=fedora-13 | fedora |
sunbird
|
< 1.0.0.26.b2pre.fc13 | fedora-13 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |