Updated thunderbird packages fix security vulnerability
Publication date: 14 Jul 2016Modification date: 14 Jul 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-2805 , CVE-2016-2807 , CVE-2016-2818
Description
Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Thunderbird to crash or,
potentially, execute arbitrary code with the privileges of the user
running Thunderbird (CVE-2016-2805, CVE-2016-2807, CVE-2016-2818).
This update provides the next stable branch of Thunderbird, version 45.2.0.
References
- https://bugs.mageia.org/show_bug.cgi?id=18616
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-49/
- https://www.mozilla.org/en-US/thunderbird/45.0/releasenotes/
- https://www.mozilla.org/en-US/thunderbird/45.1.0/releasenotes/
- https://www.mozilla.org/en-US/thunderbird/45.1.1/releasenotes/
- https://www.mozilla.org/en-US/thunderbird/45.2.0/releasenotes/
- https://rhn.redhat.com/errata/RHSA-2016-1041.html
- https://rhn.redhat.com/errata/RHSA-2016-1392.html
- https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2818
SRPMS
5/core
- thunderbird-45.2.0-1.1.mga5
- thunderbird-l10n-45.2.0-1.mga5