[RHSA-2017:1201] thunderbird security update
Severity
Important
Affected Packages
4
CVEs
29
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 52.1.0.
Security Fix(es):
- Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-5429, CVE-2017-5433, CVE-2017-5435, CVE-2017-5436, CVE-2017-5459, CVE-2017-5466, CVE-2017-5432, CVE-2017-5434, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5446, CVE-2017-5447, CVE-2017-5454, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, CVE-2017-5469, CVE-2016-10195, CVE-2016-10196, CVE-2017-5445, CVE-2017-5449, CVE-2017-5451, CVE-2017-5467, CVE-2016-10197)
Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Petr Cerny, Nils, Ivan Fratric (Google Project Zero), Takeshi Terada, Heather Miller (Google Skia team), Chun Han Hsiao, Chamal De Silva, Nicolas Grégoire, Holger Fuhrmannek, Atte Kettunen, Haik Aftandilian, and Jordi Chancel as the original reporters.
| Package | Affected Version |
|---|---|
 pkg:rpm/redhat/thunderbird?arch=x86_64&distro=redhat-6.9
|
< 52.1.0-1.el6_9 |
|
pkg:rpm/redhat/thunderbird?arch=s390x&distro=redhat-6.9
|
< 52.1.0-1.el6_9 |
|
pkg:rpm/redhat/thunderbird?arch=ppc64&distro=redhat-6.9
|
< 52.1.0-1.el6_9 |
|
pkg:rpm/redhat/thunderbird?arch=i686&distro=redhat-6.9
|
< 52.1.0-1.el6_9 |
- ID
- RHSA-2017:1201
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2017:1201
- Published
-
2017-05-08T00:00:00
(7 years ago) - Modified
-
2017-05-08T00:00:00
(7 years ago) - Rights
- Copyright 2017 Red Hat, Inc.
- Other Advisories
-
-
ALPINE:CVE-2016-10195
-
ALPINE:CVE-2016-10196
-
ALPINE:CVE-2016-10197
-
ASA-201704-6
-
DSA-3789-1
-
DSA-3831-1
-
ELSA-2017-1104
-
ELSA-2017-1106
-
ELSA-2017-1201
-
FREEBSD:5E0A038A-CA30-416D-A2F5-38CBF5E7DF33
-
FREEBSD:B8EE7A81-A879-4358-9B30-7DD1BD4C14B1
-
FREEBSD:CF133ACC-82E7-4755-A66A-5DDF90DACBE6
-
GLSA-201705-01
-
GLSA-201706-25
-
GLSA-201802-03
-
MFSA-2017-10
-
MFSA-2017-11
-
MFSA-2017-12
-
MFSA-2017-13
-
openSUSE-SU-2017:1268-1
-
RHSA-2017:1104
-
RHSA-2017:1106
-
SUSE-SU-2017:1149-1
-
SUSE-SU-2017:1175-1
-
SUSE-SU-2017:1248-1
-
SUSE-SU-2017:1669-1
-
SUSE-SU-2017:2235-1
-
SUSE-SU-2018:0200-1
-
SUSE-SU-2018:0263-1
-
USN-3228-1
-
USN-3260-1
-
USN-3278-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/redhat/thunderbird?arch=x86_64&distro=redhat-6.9 | redhat |
thunderbird
|
< 52.1.0-1.el6_9 | redhat-6.9 | x86_64 | |
| Affected | pkg:rpm/redhat/thunderbird?arch=s390x&distro=redhat-6.9 | redhat |
thunderbird
|
< 52.1.0-1.el6_9 | redhat-6.9 | s390x | |
| Affected | pkg:rpm/redhat/thunderbird?arch=ppc64&distro=redhat-6.9 | redhat |
thunderbird
|
< 52.1.0-1.el6_9 | redhat-6.9 | ppc64 | |
| Affected | pkg:rpm/redhat/thunderbird?arch=i686&distro=redhat-6.9 | redhat |
thunderbird
|
< 52.1.0-1.el6_9 | redhat-6.9 | i686 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |