Advisories ยป MGASA-2017-0432

Updated thunderbird packages fix security vulnerabilities & bugs

Publication date: 29 Nov 2017
Modification date: 29 Nov 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-7828 , CVE-2017-7830 , CVE-2017-7826

Description

The updated packages fix several bugs and some security issues:

Use-after-free of PressShell while restyling layout. (CVE-2017-7828)

Cross-origin URL information leak through Resource Timing API.
(CVE-2017-7830)

Memory safety bugs fixed in Firefox 57, Firefox ESR 52.5, and
Thunderbird 52.5. (CVE-2017-7826)
                

References

SRPMS

5/core

6/core