MGASA-2022-0315 - Updated thunderbird packages fix security vulnerability Publication date: 29 Aug 2022 URL: https://advisories.mageia.org/MGASA-2022-0315.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-38472, CVE-2022-38473, CVE-2022-38478 Address bar spoofing via XSLT error handling (CVE-2022-38472) Cross-origin XSLT Documents would have inherited the parent's permissions (CVE-2022-38473) Memory safety bugs. (CVE-2022-38478) References: - https://bugs.mageia.org/show_bug.cgi?id=30766 - https://www.mozilla.org/en-US/security/advisories/mfsa2022-37/ - https://access.redhat.com/errata/RHSA-2022:6165 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38472 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38473 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38478 SRPMS: - 8/core/thunderbird-91.13.0-1.mga8 - 8/core/thunderbird-l10n-91.13.0-1.mga8