Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:3532-1 Issue Date: 2018-11-09 CVE Numbers: CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 -- This update upgrades Thunderbird to version 60.3.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 (CVE-2018-12390) * Mozilla: Crash with nested event loops (CVE-2018-12392) * Mozilla: Integer overflow during Unicode conversion while loading JavaScript (CVE-2018-12393) * Mozilla: Memory safety bugs fixed in Firefox ESR 60.3 (CVE-2018-12389) -- SL7 x86_64 thunderbird-60.3.0-1.el7_5.x86_64.rpm thunderbird-debuginfo-60.3.0-1.el7_5.x86_64.rpm - Scientific Linux Development Team