Updated thunderbird packages fix security vulnerabilities
Publication date: 24 Aug 2017Modification date: 24 Aug 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-7779 , CVE-2017-7800 , CVE-2017-7801 , CVE-2017-7753 , CVE-2017-7784 , CVE-2017-7785 , CVE-2017-7786 , CVE-2017-7787 , CVE-2017-7792 , CVE-2017-7802 , CVE-2017-7807 , CVE-2017-7809 , CVE-2017-7791 , CVE-2017-7803
Description
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2017-7779, CVE-2017-7800, CVE-2017-7801, CVE-2017-7753, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7792, CVE-2017-7802, CVE-2017-7807, CVE-2017-7809, CVE-2017-7791, CVE-2017-7803).
References
- https://bugs.mageia.org/show_bug.cgi?id=21547
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-20/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
- https://access.redhat.com/errata/RHSA-2017:2534
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7779
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7800
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7801
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7753
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7784
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7785
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7786
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7787
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7792
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7802
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7807
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7809
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7791
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7803
SRPMS
5/core
- thunderbird-52.3.0-1.mga5
- thunderbird-l10n-52.3.0-1.mga5
6/core
- thunderbird-52.3.0-1.mga6
- thunderbird-l10n-52.3.0-1.mga6