Advisories » MGASA-2017-0139

Updated thunderbird packages fix security vulnerability

Publication date: 10 May 2017
Modification date: 10 May 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-5429 , CVE-2017-5432 , CVE-2017-5433 , CVE-2017-5434 , CVE-2017-5435 , CVE-2017-5436 , CVE-2017-5438 , CVE-2017-5439 , CVE-2017-5440 , CVE-2017-5441 , CVE-2017-5442 , CVE-2017-5443 , CVE-2017-5444 , CVE-2017-5445 , CVE-2017-5446 , CVE-2017-5447 , CVE-2017-5449 , CVE-2017-5451 , CVE-2017-5454 , CVE-2017-5459 , CVE-2017-5460 , CVE-2017-5464 , CVE-2017-5465 , CVE-2017-5466 , CVE-2017-5467 , CVE-2017-5469

Description

Multiple flaws were found in the processing of malformed web content. A
web page containing malicious content could cause Thunderbird to crash or,
potentially, execute arbitrary code with the privileges of the user
running Thunderbird (CVE-2017-5429, CVE-2017-5432, CVE-2017-5433,
CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5438, CVE-2017-5439,
CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444,
CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5449, CVE-2017-5451,
CVE-2017-5454, CVE-2017-5459, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465,
CVE-2017-5466, CVE-2017-5467, CVE-2017-5469).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=20749
• https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/
• https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
• https://rhn.redhat.com/errata/RHSA-2017-1201.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5429
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5432
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5433
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5434
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5435
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5436
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5438
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5439
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5440
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5441
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5442
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5443
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5444
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5445
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5446
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5447
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5449
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5451
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5454
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5459
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5460
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5464
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5465
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5466
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5467
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5469

SRPMS

5/core

• thunderbird-52.1.0-1.mga5
• thunderbird-l10n-52.1.0-1.mga5