Updated thunderbird packages fix security vulnerabilities
Publication date: 21 Jul 2024Modification date: 21 Jul 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-6600 , CVE-2024-6601 , CVE-2024-6603 , CVE-2024-6604
Description
Memory corruption in WebGL API. (CVE-2024-6600)
Race condition in permission assignment. (CVE-2024-6601)
Memory corruption in thread creation. (CVE-2024-6603)
Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and
Thunderbird 115.13. (CVE-2024-6604)
References
- https://bugs.mageia.org/show_bug.cgi?id=33406
- https://www.thunderbird.net/en-US/thunderbird/115.13.0/releasenotes/
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6600
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6601
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6603
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6604
SRPMS
9/core
- thunderbird-115.13.0-1.mga9
- thunderbird-l10n-115.13.0-1.mga9