Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 201803-14 ] Mozilla Thunderbird
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Advocate
Advocate


Joined: 12 May 2004
Posts: 2088

PostPosted: Wed Apr 04, 2018 2:26 am    Post subject: [ GLSA 201803-14 ] Mozilla Thunderbird Reply with quote

Gentoo Linux Security Advisory

Title: Mozilla Thunderbird: Multiple vulnerabilities (GLSA 201803-14)
Severity: normal
Exploitable: remote
Date: 2018-03-28
Bug(s): #627376, #639048, #643842, #645812, #645820
ID: 201803-14

Synopsis

Multiple vulnerabilities have been found in Mozilla Thunderbird,
the worst of which could lead to the execution of arbitrary code.


Background

Mozilla Thunderbird is a popular open-source email client from the
Mozilla project.


Affected Packages

Package: mail-client/thunderbird
Vulnerable: < 52.6.0
Unaffected: >= 52.6.0
Architectures: All supported architectures

Package: mail-client/thunderbird-bin
Vulnerable: < 52.6.0
Unaffected: >= 52.6.0
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
Please review the referenced Mozilla Foundation Security Advisories and
CVE identifiers below for details.


Impact

A remote attacker may be able to execute arbitrary code, cause a Denial
of Service condition, obtain sensitive information, conduct URL
hijacking, or conduct cross-site scripting (XSS).


Workaround

There is no known workaround at this time.

Resolution

All Thunderbird users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-52.6.0"
   
All Thunderbird binary users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose
      ">=mail-client/thunderbird-bin-52.6.0"
   


References


CVE-2017-7753


CVE-2017-7779


CVE-2017-7784


CVE-2017-7785


CVE-2017-7786


CVE-2017-7787


CVE-2017-7791


CVE-2017-7792


CVE-2017-7793


CVE-2017-7800


CVE-2017-7801


CVE-2017-7802


CVE-2017-7803


CVE-2017-7805


CVE-2017-7807


CVE-2017-7809


CVE-2017-7810


CVE-2017-7814


CVE-2017-7818


CVE-2017-7819


CVE-2017-7823


CVE-2017-7824


CVE-2017-7825

CVE-2017-7826
CVE-2017-7828
CVE-2017-7829
CVE-2017-7830
CVE-2017-7846
CVE-2017-7847
CVE-2017-7848
CVE-2018-5089
CVE-2018-5095
CVE-2018-5096
CVE-2018-5097
CVE-2018-5098
CVE-2018-5099
CVE-2018-5102
CVE-2018-5103
CVE-2018-5104
CVE-2018-5117

Mozilla Foundation Security Advisory 2017-20


Mozilla Foundation Security Advisory 2017-23


Mozilla Foundation Security Advisory 2017-26


Mozilla Foundation Security Advisory 2017-30


Mozilla Foundation Security Advisory 2018-04
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum