Subject: | |
From: | |
Reply To: | |
Date: | Fri, 20 May 2016 11:17:15 +0100 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
I see that RedHat also released this for RHEL6
(although the release number suggests it took extra work).
Is there an estimate of when thunderbird 38.8 will be available for SL6 ?
Thanks.
On Tue, 17 May 2016, Connie Sieh wrote:
> Synopsis: Important: thunderbird security update
> Advisory ID: SLSA-2016:1041-1
> Issue Date: 2016-05-12
> CVE Numbers: CVE-2016-2805
> CVE-2016-2807
> --
>
> This update upgrades Thunderbird to version 38.8.0.
>
> Security Fix(es):
>
> * Two flaws were found in the processing of malformed web content. A web
> page containing malicious content could cause Thunderbird to crash or,
> potentially, execute arbitrary code with the privileges of the user
> running Thunderbird. (CVE-2016-2805, CVE-2016-2807)
> --
>
> SL5
> x86_64
> thunderbird-38.8.0-1.el5_11.x86_64.rpm
> thunderbird-debuginfo-38.8.0-1.el5_11.x86_64.rpm
> i386
> thunderbird-38.8.0-1.el5_11.i386.rpm
> thunderbird-debuginfo-38.8.0-1.el5_11.i386.rpm
> SL7
> x86_64
> thunderbird-38.8.0-1.el7_2.x86_64.rpm
> thunderbird-debuginfo-38.8.0-1.el7_2.x86_64.rpm
>
> - Scientific Linux Development Team
|
|
|