Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Debian: 9 Iceweasel 52.9.0 Critical: Numerous Vulnerabilities Found

fedora
Calendar Grey November 21, 2008
Dist Fedora Esm H88
This patch tackles various vulnerabilities in Firefox for CentOS 7, enhancing performance and protection.
This update update upgrades thunderbird packages to upstream version 2.0.0.18, which fixes multiple security issues detailed in upstream security advisories:

Summary

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update update upgrades thunderbird packages to upstream version 2.0.0.18,

which fixes multiple security issues detailed in upstream security advisories:

https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird-2.0/

https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird-2.0/

* Wed Nov 19 2008 Christopher Aillon 2.0.0.18-1

- Update to 2.0.0.18

* Thu Oct 9 2008 Christopher Aillon 2.0.0.17-1

- Update to 2.0.0.17

* Wed Jul 23 2008 Christopher Aillon 2.0.0.16-1

- Update to 2.0.0.16

* Thu May 1 2008 Christopher Aillon 2.0.0.14-1

- Update to 2.0.0.14

* Fri Mar 7 2008 Martin Stransky

- updated starting script, fixes #436410

* Tue Feb 26 2008 Christopher Aillon 2.0.0.12-1

- Update to 2.0.0.12

* Thu Nov 15 2007 Christopher Aillon 2.0.0.9-1

- Update to 2.0.0.9

[ 1 ] Bug #463181 - CVE-2008-0016 Mozilla UTF-8 stack buffer overflow

https://bugzilla.redhat.com/show_bug.cgi?id=463181

[ 2 ] Bug #463190 - CVE-2008-4058 Mozilla privilege escalation via XPCnativeWrapper pollution

https://bugzilla.redhat.com/show_bug.cgi?id=463190

[ 3 ] Bug #463198 - CVE-2008-4060 Mozilla privilege escalation via XPCnativeWrapper pollution

https://bugzilla.redhat.com/show_bug.cgi?id=463198

[ 4 ] Bug #463201 - CVE-2008-4062 Mozilla crashes with evidence of memory corruption

https://bugzilla.redhat.com/show_bug.cgi?id=463201

[ 5 ] Bug #463182 - CVE-2008-3835 mozilla: nsXMLDocument::OnChannelRedirect() same-origin violation

https://bugzilla.redhat.com/show_bug.cgi?id=463182

[ 6 ] Bug #463192 - CVE-2008-4059 Mozilla privilege escalation via XPCnativeWrapper pollution

https://bugzilla.redhat.com/show_bug.cgi?id=463192

[ 7 ] Bug #463199 - CVE-2008-4061 Mozilla layout engine crash

https://bugzilla.redhat.com/show_bug.cgi?id=463199

[ 8 ] Bug #463234 - CVE-2008-4065 Mozilla BOM characters stripped from JavaScript before execution

https://bugzilla.redhat.com/show_bug.cgi?id=463234

[ 9 ] Bug #463246 - CVE-2008-4067 Mozilla resource: traversal vulnerability

https://bugzilla.redhat.com/show_bug.cgi?id=463246

[ 10 ] Bug #464041 - CVE-2008-4070 Thunderbird cancelled newsgrop messages

https://bugzilla.redhat.com/show_bug.cgi?id=464041

[ 11 ] Bug #470873 - CVE-2008-5014 Mozilla crash and remote code execution via __proto__ tampering

https://bugzilla.redhat.com/show_bug.cgi?id=470873

[ 12 ] Bug #470883 - CVE-2008-5017 Mozilla crash with evidence of memory corruption

https://bugzilla.redhat.com/show_bug.cgi?id=470883

[ 13 ] Bug #470894 - CVE-2008-5021 Mozilla crash and remote code execution in nsFrameManager

https://bugzilla.redhat.com/show_bug.cgi?id=470894

[ 14 ] Bug #470902 - CVE-2008-5024 Mozilla parsing error in E4X default namespace

https://bugzilla.redhat.com/show_bug.cgi?id=470902

[ 15 ] Bug #463243 - CVE-2008-4066 Mozilla low surrogates stripped from JavaScript before execution

https://bugzilla.redhat.com/show_bug.cgi?id=463243

[ 16 ] Bug #463248 - CVE-2008-4068 Mozilla local HTML file recource: bypass

https://bugzilla.redhat.com/show_bug.cgi?id=463248

[ 17 ] Bug #470864 - CVE-2008-5012 Mozilla Image stealing via canvas and HTTP redirect

https://bugzilla.redhat.com/show_bug.cgi?id=470864

[ 18 ] Bug #470881 - CVE-2008-5016 Mozilla crash with evidence of memory corruption

https://bugzilla.redhat.com/show_bug.cgi?id=470881

[ 19 ] Bug #470884 - CVE-2008-5018 Mozilla crash with evidence of memory corruption

https://bugzilla.redhat.com/show_bug.cgi?id=470884

[ 20 ] Bug #470895 - CVE-2008-5022 Mozilla nsXMLHttpRequest::NotifyEventListeners() same-origin violation

https://bugzilla.redhat.com/show_bug.cgi?id=470895

su -c 'yum update thunderbird' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory software update Fedora package upgrade multiple issues thunderbird

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 8
Version: 2.0.0.18
Release: 1.fc8
URL: https://wiki.mozilla.org/Thunderbird:Home_Page
Summary: Mozilla Thunderbird mail/newsgroup client

Topics%20covered

Topics Covered

security advisory software update Fedora package upgrade multiple issues thunderbird

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here