LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

May 2016

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS May 2016

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Security ERRATA Important: thunderbird on SL5.x, SL7.x i386/x86_64
From:	Andrew C Aitchison <[log in to unmask]>
Reply To:	Andrew C Aitchison <[log in to unmask]>
Date:	Fri, 20 May 2016 11:17:15 +0100
Content-Type:	text/plain
Parts/Attachments:	text/plain (40 lines)

I see that RedHat also released this for RHEL6
(although the release number suggests it took extra work).

Is there an estimate of when thunderbird 38.8 will be available for SL6 ?

Thanks.

On Tue, 17 May 2016, Connie Sieh wrote:

> Synopsis:          Important: thunderbird security update
> Advisory ID:       SLSA-2016:1041-1
> Issue Date:        2016-05-12
> CVE Numbers:       CVE-2016-2805
>                   CVE-2016-2807
> --
>
> This update upgrades Thunderbird to version 38.8.0.
>
> Security Fix(es):
>
> * Two flaws were found in the processing of malformed web content. A web
> page containing malicious content could cause Thunderbird to crash or,
> potentially, execute arbitrary code with the privileges of the user
> running Thunderbird. (CVE-2016-2805, CVE-2016-2807)
> --
>
> SL5
>  x86_64
>    thunderbird-38.8.0-1.el5_11.x86_64.rpm
>    thunderbird-debuginfo-38.8.0-1.el5_11.x86_64.rpm
>  i386
>    thunderbird-38.8.0-1.el5_11.i386.rpm
>    thunderbird-debuginfo-38.8.0-1.el5_11.i386.rpm
> SL7
>  x86_64
>    thunderbird-38.8.0-1.el7_2.x86_64.rpm
>    thunderbird-debuginfo-38.8.0-1.el7_2.x86_64.rpm
>
> - Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV