Mageia: 2019-0201 Moderate: Thunderbird Array Confusion and Sandbox Issue

mageia

July 2, 2019

Updated thunderbird packages fix security vulnerabilities: Type confusion in Array.pop

Summary

Updated thunderbird packages fix security vulnerabilities:
Type confusion in Array.pop. (CVE-2019-11707)
Sandbox escape using Prompt:Open. (CVE-2019-11708)

References

- https://bugs.mageia.org/show_bug.cgi?id=24995

- https://www.thunderbird.net/en-US/thunderbird/60.7.2/releasenotes/

- https://www.mozilla.org/en-US/security/advisories/mfsa2019-20/

- https://www.cve.org/CVERecord?id=CVE-2019-11707

- https://www.cve.org/CVERecord?id=CVE-2019-11708

Topics Covered

security advisory update thunderbird Mageia sandbox issue array confusion

Resolution

SRPMS

- 6/core/thunderbird-60.7.2-1.mga6

- 6/core/thunderbird-l10n-60.7.2-1.mga6

- 7/core/thunderbird-60.7.2-1.mga7

- 7/core/thunderbird-l10n-60.7.2-1.mga7

Publication date: 02 Jul 2019

URL: https://advisories.mageia.org/MGASA-2019-0201.html

Type: security

CVE: CVE-2019-11707, CVE-2019-11708

Topics Covered

security advisory update thunderbird Mageia sandbox issue array confusion

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia: 2019-0201 Moderate: Thunderbird Array Confusion and Sandbox Issue

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia: 2019-0201 Moderate: Thunderbird Array Confusion and Sandbox Issue

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!