We had a compiling problem on the SL4 x86_64 rpms. The compiling problem has been fixed and is working now. Both the x86_64 and i386 rpm's have been rebuilt with the new name to keep consistency. No code has been changed. The rpm's were only recompiled. SL 4.x SRPMS: thunderbird-1.5.0.12-16.el4.sl.src.rpm i386: thunderbird-1.5.0.12-16.el4.sl.i386.rpm x86_64: thunderbird-1.5.0.12-16.el4.sl.x86_64.rpm Troy Dawson Troy J Dawson wrote: > Synopsis: Moderate: thunderbird security update > Issue date: 2008-10-01 > CVE Names: CVE-2008-0016 CVE-2008-3835 CVE-2008-4058 > CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 > CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 > CVE-2008-4067 CVE-2008-4068 CVE-2008-4070 > > > Several flaws were found in the processing of malformed HTML mail content. > An HTML mail message containing malicious content could cause Thunderbird > to crash or, potentially, execute arbitrary code as the user running > Thunderbird. (CVE-2008-0016, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, > CVE-2008-4061, CVE-2008-4062) > > Several flaws were found in the way malformed HTML mail content was > displayed. An HTML mail message containing specially crafted content could > potentially trick a Thunderbird user into surrendering sensitive > information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068) > > A flaw was found in Thunderbird that caused certain characters to be > stripped from JavaScript code. This flaw could allow malicious JavaScript > to bypass or evade script filters. (CVE-2008-4065, CVE-2008-4066) > > Note: JavaScript support is disabled by default in Thunderbird; the above > issue is not exploitable unless JavaScript is enabled. > > A heap based buffer overflow flaw was found in the handling of cancelled > newsgroup messages. If the user cancels a specially crafted newsgroup > message it could cause Thunderbird to crash or, potentially, execute > arbitrary code as the user running Thunderbird. (CVE-2008-4070) > > Note2: On SL4 this updates fixes the bug that when a URL link is clicked, > firefox wouldn't start. Firefox now starts when a URL link is clicked. > > SL 4.x > > SRPMS: > thunderbird-1.5.0.12-16.el4.src.rpm > i386: > thunderbird-1.5.0.12-16.el4.i386.rpm > x86_64: > thunderbird-1.5.0.12-16.el4.x86_64.rpm > > SL 5.x > > SRPMS: > thunderbird-2.0.0.17-1.el5.src.rpm > i386: > thunderbird-2.0.0.17-1.el5.i386.rpm > x86_64: > thunderbird-2.0.0.17-1.el5.x86_64.rpm > > -Connie Sieh > -Troy Dawson > > > -- __________________________________________________ Troy Dawson [log in to unmask] (630)840-6468 Fermilab ComputingDivision/LCSI/CSI DSS Group __________________________________________________