SCIENTIFIC-LINUX-ERRATA Archives

April 2018

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Important: thunderbird on SL6.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Fri, 6 Apr 2018 14:04:23 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (44 lines) 
Synopsis:          Important: thunderbird security update

Advisory ID:       SLSA-2018:0647-1

Issue Date:        2018-04-05

CVE Numbers:       CVE-2018-5125

                   CVE-2018-5127

                   CVE-2018-5129

                   CVE-2018-5144

                   CVE-2018-5145

                   CVE-2018-5146

--



This update upgrades Thunderbird to version 52.7.0.



Security Fix(es):



* Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7

(MFSA 2018-07) (CVE-2018-5125)



* Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07)

(CVE-2018-5145)



* Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08)

(CVE-2018-5146)



* Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MFSA

2018-07) (CVE-2018-5127)



* Mozilla: Out-of-bounds write with malformed IPC messages (MFSA 2018-07)

(CVE-2018-5129)



* Mozilla: Integer overflow during Unicode conversion (MFSA 2018-07)

(CVE-2018-5144)

--



SL6

  x86_64

    thunderbird-52.7.0-1.el6_9.x86_64.rpm

    thunderbird-debuginfo-52.7.0-1.el6_9.x86_64.rpm

  i386

    thunderbird-52.7.0-1.el6_9.i686.rpm

    thunderbird-debuginfo-52.7.0-1.el6_9.i686.rpm



- Scientific Linux Development Team

ATOM RSS1 RSS2