Print

Print


Synopsis:          Important: thunderbird security update
Advisory ID:       SLSA-2017:1561-1
Issue Date:        2017-06-21
CVE Numbers:       CVE-2017-5472
                   CVE-2017-7749
                   CVE-2017-7750
                   CVE-2017-7751
                   CVE-2017-7752
                   CVE-2017-7754
                   CVE-2017-7756
                   CVE-2017-7757
                   CVE-2017-7778
                   CVE-2017-7771
                   CVE-2017-7772
                   CVE-2017-7773
                   CVE-2017-7758
                   CVE-2017-7764
                   CVE-2017-5470
--

This update upgrades Thunderbird to version 52.2.0.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Thunderbird to crash or,
potentially, execute arbitrary code with the privileges of the user
running Thunderbird. (CVE-2017-5470, CVE-2017-5472, CVE-2017-7749,
CVE-2017-7750, CVE-2017-7751, CVE-2017-7756, CVE-2017-7771, CVE-2017-7772,
CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777,
CVE-2017-7778, CVE-2017-7752, CVE-2017-7754, CVE-2017-7757, CVE-2017-7758,
CVE-2017-7764)
--

SL6
  x86_64
    thunderbird-52.2.0-1.el6_9.x86_64.rpm
    thunderbird-debuginfo-52.2.0-1.el6_9.x86_64.rpm
  i386
    thunderbird-52.2.0-1.el6_9.i686.rpm
    thunderbird-debuginfo-52.2.0-1.el6_9.i686.rpm
SL7
  x86_64
    thunderbird-52.2.0-1.el7_3.x86_64.rpm
    thunderbird-debuginfo-52.2.0-1.el7_3.x86_64.rpm

- Scientific Linux Development Team