Advisories » MGASA-2016-0330

Updated thunderbird packages fix security vulnerability

Publication date: 28 Sep 2016
Modification date: 28 Sep 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-2836

Description

Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Thunderbird to crash or,
potentially, execute arbitrary code with the privileges of the user
running Thunderbird (CVE-2016-2836).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=19450
• https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/
• https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
• https://rhn.redhat.com/errata/RHSA-2016-1809.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2836

SRPMS

5/core

• thunderbird-45.3.0-2.mga5
• thunderbird-l10n-45.3.0-1.mga5