The following security errata are now located in "sl-testing". These errata were released after/during the release of RHEL 6.8 . We require extra testing for these errata. Please test. yum --enablerepo=sl-testing list yum --enablerepo=sl-testing update <package> file-5.04-30.el6 icedtea-web-1.6.2-1.el6 kernel-2.6.32-642.el6 ntp-4.2.6p5-10.el6 openssh-5.3p1-118.1.el6_8.1 openssl-1.0.1e-48.el6_8.1 qemu-kvm-0.12.1.2-2.491.el6_8.1 thunderbird-38.8.0-2.el6_8 On Fri, 20 May 2016, Connie Sieh wrote: > Will push all of the "security errata" that have been published since RHEL > 6.8 was released for SL 6 soon. > > -- > > Connie J. Sieh > Computing Services Specialist III > > Fermi National Accelerator Laboratory > 630 840 8531 office > > http://www.fnal.gov > [log in to unmask] > > On Fri, 20 May 2016, Andrew C Aitchison wrote: > >> I see that RedHat also released this for RHEL6 >> (although the release number suggests it took extra work). >> >> Is there an estimate of when thunderbird 38.8 will be available for SL6 ? >> >> Thanks. >> >> On Tue, 17 May 2016, Connie Sieh wrote: >> >>> Synopsis: Important: thunderbird security update >>> Advisory ID: SLSA-2016:1041-1 >>> Issue Date: 2016-05-12 >>> CVE Numbers: CVE-2016-2805 >>> CVE-2016-2807 >>> -- >>> >>> This update upgrades Thunderbird to version 38.8.0. >>> >>> Security Fix(es): >>> >>> * Two flaws were found in the processing of malformed web content. A web >>> page containing malicious content could cause Thunderbird to crash or, >>> potentially, execute arbitrary code with the privileges of the user >>> running Thunderbird. (CVE-2016-2805, CVE-2016-2807) >>> -- >>> >>> SL5 >>> x86_64 >>> thunderbird-38.8.0-1.el5_11.x86_64.rpm >>> thunderbird-debuginfo-38.8.0-1.el5_11.x86_64.rpm >>> i386 >>> thunderbird-38.8.0-1.el5_11.i386.rpm >>> thunderbird-debuginfo-38.8.0-1.el5_11.i386.rpm >>> SL7 >>> x86_64 >>> thunderbird-38.8.0-1.el7_2.x86_64.rpm >>> thunderbird-debuginfo-38.8.0-1.el7_2.x86_64.rpm >>> >>> - Scientific Linux Development Team >> >