Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:3531-1 Issue Date: 2018-11-09 CVE Numbers: CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 -- This update upgrades Thunderbird to version 60.3.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 (CVE-2018-12390) * Mozilla: Crash with nested event loops (CVE-2018-12392) * Mozilla: Integer overflow during Unicode conversion while loading JavaScript (CVE-2018-12393) * Mozilla: Memory safety bugs fixed in Firefox ESR 60.3 (CVE-2018-12389) -- SL6 x86_64 thunderbird-60.3.0-1.el6.x86_64.rpm thunderbird-debuginfo-60.3.0-1.el6.x86_64.rpm i386 thunderbird-60.3.0-1.el6.i686.rpm thunderbird-debuginfo-60.3.0-1.el6.i686.rpm - Scientific Linux Development Team