Alerts This Week
Warning Icon 1 483
Alerts This Week
Warning Icon 1 483

Mageia 8 Security Advisory: MGASA-2023-0116 Moderate Thunderbird Update

mageia
Calendar Grey March 24, 2023
Dist Mageia Esm H88
Latest Thunderbird updates address vulnerabilities such as buffer overflows and memory-related defects in Mageia. Discover further details!
Incorrect code generation during JIT compilation

Summary

Incorrect code generation during JIT compilation. (CVE-2023-25751) Potential out-of-bounds when accessing throttled streams. (CVE-20223-25752) Invalid downcast in Worklets. (CVE-2023-28162) URL being dragged from a removed cross-origin iframe into the same tab triggered navigation. (CVE-2023-28164) Memory safety bugs fixed in Thunderbird 102.9. (CVE-2023-28176)

References

- https://bugs.mageia.org/show_bug.cgi?id=31684

- https://www.thunderbird.net/en-US/thunderbird/102.9.0/releasenotes/

- https://www.mozilla.org/en-US/security/advisories/mfsa2023-11/

- https://www.cve.org/CVERecord?id=CVE-2023-25751

- https://www.cve.org/CVERecord?id=CVE-2023-25752

- https://www.cve.org/CVERecord?id=CVE-2023-28162

- https://www.cve.org/CVERecord?id=CVE-2023-28164

- https://www.cve.org/CVERecord?id=CVE-2023-28176

Resolution

SRPMS

- 8/core/thunderbird-102.9.0-1.mga8

- 8/core/thunderbird-l10n-102.9.0-1.mga8

Publication date: 24 Mar 2023
URL: https://advisories.mageia.org/MGASA-2023-0116.html
Type: security
CVE: CVE-2023-25751, CVE-2023-25752, CVE-2023-28162, CVE-2023-28164, CVE-2023-28176

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here