Advisories » MGASA-2017-0477

Updated thunderbird packages fix security vulnerabilities

Publication date: 31 Dec 2017
Modification date: 30 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-7829 , CVE-2017-7846 , CVE-2017-7847 , CVE-2017-7848 , CVE-2017-17843 , CVE-2017-17844 , CVE-2017-17845 , CVE-2017-17846 , CVE-2017-17847 , CVE-2017-17848

Description

Multiple vulnerabilies have been fixed in thunderbird.
* JavaScript Execution via RSS in mailbox:// origin (CVE-2017-7846).
* Local path string can be leaked from RSS feed (CVE-2017-7847).
* RSS Feed vulnerable to new line Injection (CVE-2017-7848).
* Mailsploit From address with encoded null character is cut off in
message header display (CVE-2017-7829).

Multiple vulnerabilies have been fixed in the bundled enigmail package.
* An issue was discovered that allows remote attackers to trigger use of
an intended public key for encryption, because incorrect regular
expressions are used for extraction of an e-mail address from a
comma-separated list (CVE-2017-17843).
* A remote attacker can obtain cleartext content by sending an encrypted
data block to a victim, and relying on the victim to automatically
decrypt that block and then send it back to the attacker as quoted text
(CVE-2017-17844).
* An issue was discovered where Improper Random Secret Generation occurs
because Math.Random() is used by pretty Easy privacy (pEp)
(CVE-2017-17845).
* An issue was discovered where regular expressions are exploitable for
Denial of Service, because of attempts to match arbitrarily long strings
(CVE-2017-17846).
* An issue was discovered that signature spoofing is possible because
the UI does not properly distinguish between an attachment signature,
and a signature that applies to the entire containing message
(CVE-2017-17847).
* In a variant of CVE-2017-17847, signature spoofing is possible for
multipart/related messages because a signed message part can be
referenced with a cid: URI but not actually displayed (CVE-2017-17848)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22251
• https://www.mozilla.org/en-US/security/advisories/mfsa2017-30/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7829
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7846
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7847
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7848
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17843
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17844
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17845
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17846
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17847
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17848

SRPMS

6/core

• thunderbird-52.5.2-1.mga6
• thunderbird-l10n-52.5.2-1.mga6

5/core

• thunderbird-52.5.2-1.mga5
• thunderbird-l10n-52.5.2-1.mga5