1. Home
  2. Security Advisories
  3. Gentoo
  4. GLSA-201908-20

[GLSA-201908-20] Mozilla Thunderbird: Multiple vulnerabilities

Severity Normal
Affected Packages 2
Unaffected Packages 2
CVEs 14
Info Packages References Vulnerabilities

Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.

Background
Mozilla Thunderbird is a popular open-source email client from the
Mozilla project

Description
Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
Please review the CVE identifiers referenced below for details.

Impact
Please review the referenced CVE identifiers for details.

Workaround
There is no known workaround at this time.

Resolution
All Mozilla Thunderbird users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/thunderbird-60.8.0"

All Mozilla Thunderbird binary users should upgrade to the latest
version:

# emerge --sync
# emerge --ask --oneshot --verbose
">=mail-client/thunderbird-bin-60.8.0"

Package Affected Version
pkg:ebuild/mail-client/thunderbird?distro=gentoo < 60.8.0
pkg:ebuild/mail-client/thunderbird-bin?distro=gentoo < 60.8.0
Package Unaffected Version
pkg:ebuild/mail-client/thunderbird?distro=gentoo >= 60.8.0
pkg:ebuild/mail-client/thunderbird-bin?distro=gentoo >= 60.8.0
ID
GLSA-201908-20
Severity
normal
URL
https://security.gentoo.org/glsa/201908-20
Published
2019-08-16T00:00:00
(5 years ago)
Modified
2019-08-16T00:00:00
(5 years ago)
Rights
Gentoo Foundation, Inc.
Other Advisories
Source # ID Name URL
CVE CVE-2019-11703 CVE-2019-11703 https://nvd.nist.gov/vuln/detail/CVE-2019-11703
CVE CVE-2019-11704 CVE-2019-11704 https://nvd.nist.gov/vuln/detail/CVE-2019-11704
CVE CVE-2019-11705 CVE-2019-11705 https://nvd.nist.gov/vuln/detail/CVE-2019-11705
CVE CVE-2019-11706 CVE-2019-11706 https://nvd.nist.gov/vuln/detail/CVE-2019-11706
CVE CVE-2019-11709 CVE-2019-11709 https://nvd.nist.gov/vuln/detail/CVE-2019-11709
CVE CVE-2019-11711 CVE-2019-11711 https://nvd.nist.gov/vuln/detail/CVE-2019-11711
CVE CVE-2019-11712 CVE-2019-11712 https://nvd.nist.gov/vuln/detail/CVE-2019-11712
CVE CVE-2019-11713 CVE-2019-11713 https://nvd.nist.gov/vuln/detail/CVE-2019-11713
CVE CVE-2019-11715 CVE-2019-11715 https://nvd.nist.gov/vuln/detail/CVE-2019-11715
CVE CVE-2019-11717 CVE-2019-11717 https://nvd.nist.gov/vuln/detail/CVE-2019-11717
CVE CVE-2019-11719 CVE-2019-11719 https://nvd.nist.gov/vuln/detail/CVE-2019-11719
CVE CVE-2019-11729 CVE-2019-11729 https://nvd.nist.gov/vuln/detail/CVE-2019-11729
CVE CVE-2019-11730 CVE-2019-11730 https://nvd.nist.gov/vuln/detail/CVE-2019-11730
CVE CVE-2019-9811 CVE-2019-9811 https://nvd.nist.gov/vuln/detail/CVE-2019-9811
Bugzilla 688032 Bugzilla #688032 https://bugs.gentoo.org/show_bug.cgi?id=688032
Bugzilla 690664 Bugzilla #690664 https://bugs.gentoo.org/show_bug.cgi?id=690664
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:ebuild/mail-client/thunderbird?distro=gentoo mail-client thunderbird < 60.8.0 gentoo
Unaffected pkg:ebuild/mail-client/thunderbird?distro=gentoo mail-client thunderbird >= 60.8.0 gentoo
Affected pkg:ebuild/mail-client/thunderbird-bin?distro=gentoo mail-client thunderbird-bin < 60.8.0 gentoo
Unaffected pkg:ebuild/mail-client/thunderbird-bin?distro=gentoo mail-client thunderbird-bin >= 60.8.0 gentoo
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date