ArchLinux: 202012-23: thunderbird: multiple issues
Summary
- CVE-2020-16042 (information disclosure)
An uninitialized use security issue has been found in the V8 component
of the chromium browser before version 87.0.4280.88 and Firefox before
84.0.
- CVE-2020-26970 (arbitrary code execution)
When reading SMTP server status codes, Thunderbird before 78.5.1 writes
an integer value to a position on the stack that is intended to contain
just one byte. Depending on processor architecture and stack layout,
this leads to stack corruption that may be exploitable.
- CVE-2020-26971 (arbitrary code execution)
A security issue was found in Firefox before 84.0 and Thunderbird
before 78.6 where certain blit values provided by the user were not
properly constrained, leading to a heap buffer overflow on some video
drivers.
- CVE-2020-26973 (content spoofing)
A security issue was found in Firefox before 84.0 and Thunderbird
before 78.6 where certain input to the CSS Sanitizer confused it,
resulting in incorrect components being removed. This could have been
used as a sanitizer bypass.
- CVE-2020-26974 (arbitrary code execution)
A security issue was found in Firefox before 84.0 and Thunderbird
before 78.6. When flex-basis was used on a table wrapper, a
StyleGenericFlexBasis object could have been incorrectly cast to the
wrong type. This resulted in a heap user-after-free, memory corruption,
and a potentially exploitable crash.
- CVE-2020-26978 (information disclosure)
A security issue was discovered in Firefox before 84.0 and Thunderbird
before 78.6. Using techniques that built on the slipstream research, a
malicious webpage could have exposed both an internal network's hosts
as well as services running on the user's local machine.
- CVE-2020-35111 (information disclosure)
A security issue was discovered in Firefox before 84.0 and Thunderbird
before 78.6. When an extension with the proxy permission registered to
receive
- CVE-2020-35113 (arbitrary code execution)
Mozilla developer Christian Holler reported memory safety bugs present
in Firefox 83, Firefox ESR 78.5 and Thunderbird 78.5. Some of these
bugs showed evidence of memory corruption and Mozilla presumes that
with enough effort some of these could have been exploited to run
arbitrary code.
Resolution
Upgrade to 78.6.0-1.
# pacman -Syu "thunderbird>=78.6.0-1"
The problems have been fixed upstream in version 78.6.0.
References
https://bugs.archlinux.org/task/68853 https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/ https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/ https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.html https://bugs.chromium.org/p/chromium/issues/detail https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-16042 https://bugzilla.mozilla.org/show_bug.cgi?id=1679003 https://www.mozilla.org/en-US/security/advisories/mfsa2020-53/#CVE-2020-26970 https://bugzilla.mozilla.org/show_bug.cgi?id=1677338 https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26971 https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-26971 https://bugzilla.mozilla.org/show_bug.cgi?id=1663466 https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26973 https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-26973 https://bugzilla.mozilla.org/show_bug.cgi?id=1680084 https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26974 https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-26974 https://bugzilla.mozilla.org/show_bug.cgi?id=1681022 https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-26978 https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-26978 https://bugzilla.mozilla.org/show_bug.cgi?id=1677047 https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-35111 https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-35111 https://bugzilla.mozilla.org/show_bug.cgi?id=1657916 https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/#CVE-2020-35113 https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/#CVE-2020-35113 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1664831%2C1673589 https://security.archlinux.org/CVE-2020-16042 https://security.archlinux.org/CVE-2020-26970 https://security.archlinux.org/CVE-2020-26971 https://security.archlinux.org/CVE-2020-26973 https://security.archlinux.org/CVE-2020-26974 https://security.archlinux.org/CVE-2020-26978 https://security.archlinux.org/CVE-2020-35111 https://security.archlinux.org/CVE-2020-35113
Workaround
None.