[RHSA-2019:0681] thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 60.6.1.
Security Fix(es):
Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788)
Mozilla: Use-after-free when removing in-use DOM elements (CVE-2019-9790)
Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey (CVE-2019-9791)
Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792)
Mozilla: IonMonkey MArraySlice has incorrect alias information (CVE-2019-9810)
Mozilla: Ionmonkey type confusion with proto mutations (CVE-2019-9813)
Mozilla: Improper bounds checks when Spectre mitigations are disabled (CVE-2019-9793)
Mozilla: Type-confusion in IonMonkey JIT compiler (CVE-2019-9795)
Mozilla: Use-after-free with SMIL animation controller (CVE-2019-9796)
Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied (CVE-2018-18506)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/redhat/thunderbird?arch=x86_64&distro=redhat-7.6 | < 60.6.1-1.el7_6 |
pkg:rpm/redhat/thunderbird?arch=ppc64le&distro=redhat-7.6 | < 60.6.1-1.el7_6 |
pkg:rpm/redhat/thunderbird?arch=aarch64&distro=redhat-7.6 | < 60.6.1-1.el7_6 |
- ID
- RHSA-2019:0681
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2019:0681
- Published
-
2019-03-28T00:00:00
(5 years ago) - Modified
-
2019-03-28T00:00:00
(5 years ago) - Rights
- Copyright 2019 Red Hat, Inc.
- Other Advisories
-
- ALAS2-2019-1195
- ALPINE:CVE-2018-18356
- ALPINE:CVE-2018-18506
- ALPINE:CVE-2019-5785
- ALPINE:CVE-2019-9788
- ALPINE:CVE-2019-9790
- ALPINE:CVE-2019-9791
- ALPINE:CVE-2019-9792
- ALPINE:CVE-2019-9793
- ALPINE:CVE-2019-9795
- ALPINE:CVE-2019-9796
- ALPINE:CVE-2019-9810
- ALPINE:CVE-2019-9813
- ASA-201812-2
- ASA-201902-16
- ASA-201902-2
- ASA-201902-23
- ASA-201903-11
- ASA-201903-14
- ASA-201904-4
- DSA-4352-1
- DSA-4391-1
- DSA-4392-1
- DSA-4411-1
- DSA-4417-1
- DSA-4420-1
- ELSA-2019-0373
- ELSA-2019-0374
- ELSA-2019-0622
- ELSA-2019-0623
- ELSA-2019-0671
- ELSA-2019-0672
- ELSA-2019-0680
- ELSA-2019-0681
- ELSA-2019-0966
- ELSA-2019-1144
- FEDORA-2019-348547a32d
- FEDORA-2019-859384e002
- FREEBSD:05DA6B56-3E66-4306-9EA3-89FAFE939726
- FREEBSD:18211552-F650-4D86-BA4F-E6D5CBFCDBEB
- FREEBSD:546D4DD4-10EA-11E9-B407-080027EF1A23
- FREEBSD:B1F7D52F-FC42-48E8-8403-87D4C9D26229
- GLSA-201903-04
- GLSA-201904-07
- GLSA-201908-18
- MFSA-2019-01
- MFSA-2019-04
- MFSA-2019-05
- MFSA-2019-06
- MFSA-2019-07
- MFSA-2019-08
- MFSA-2019-09
- MFSA-2019-10
- MFSA-2019-11
- MFSA-2019-12
- openSUSE-SU-2018:4143-1
- openSUSE-SU-2019:0248-1
- openSUSE-SU-2019:0249-1
- openSUSE-SU-2019:0251-1
- openSUSE-SU-2019:1077-1
- openSUSE-SU-2019:1126-1
- openSUSE-SU-2019:1162-1
- RHSA-2018:3803
- RHSA-2019:0373
- RHSA-2019:0374
- RHSA-2019:0622
- RHSA-2019:0623
- RHSA-2019:0671
- RHSA-2019:0672
- RHSA-2019:0680
- RHSA-2019:0966
- RHSA-2019:1144
- SSA:2019-044-01
- SSA:2019-045-01
- SSA:2019-081-01
- SUSE-SU-2019:0469-1
- SUSE-SU-2019:0852-1
- SUSE-SU-2019:0853-1
- SUSE-SU-2019:0871-1
- USN-3874-1
- USN-3896-1
- USN-3897-1
- USN-3918-1
- USN-3918-2
- USN-3919-1
- USN-3927-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/thunderbird?arch=x86_64&distro=redhat-7.6 | redhat | thunderbird | < 60.6.1-1.el7_6 | redhat-7.6 | x86_64 | |
Affected | pkg:rpm/redhat/thunderbird?arch=ppc64le&distro=redhat-7.6 | redhat | thunderbird | < 60.6.1-1.el7_6 | redhat-7.6 | ppc64le | |
Affected | pkg:rpm/redhat/thunderbird?arch=aarch64&distro=redhat-7.6 | redhat | thunderbird | < 60.6.1-1.el7_6 | redhat-7.6 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |