ArchLinux: 201612-2: thunderbird: arbitrary code execution
Summary
A use-after-free vulnerability has been discovered in the SVG Animation component of Firefox, leading to arbitrary code execution.
Resolution
Upgrade to 45.5.1-1.
# pacman -Syu "thunderbird>=45.5.1-1"
The problem has been fixed upstream in version 45.5.1.
References
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.5.1 https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ https://access.redhat.com/security/cve/CVE-2016-9079
Workaround
None