MGASA-2022-0300 - Updated thunderbird packages fix security vulnerability Publication date: 25 Aug 2022 URL: https://advisories.mageia.org/MGASA-2022-0300.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-36319, CVE-2022-36318 Mouse Position spoofing with CSS transforms. (CVE-2022-36319) Directory indexes for bundled resources reflected URL parameters. (CVE-2022-36318) References: - https://bugs.mageia.org/show_bug.cgi?id=30681 - https://www.thunderbird.net/en-US/thunderbird/91.12.0/releasenotes/ - https://www.mozilla.org/en-US/security/advisories/mfsa2022-31/ - https://access.redhat.com/errata/RHSA-2022:5778 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36319 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36318 SRPMS: - 8/core/thunderbird-91.12.0-1.mga8 - 8/core/thunderbird-l10n-91.12.0-1.mga8