Linux Security
    Linux Security
    Linux Security

    RedHat: RHSA-2020-5146:01 Important: thunderbird security update

    Date 18 Nov 2020
    329
    Posted By LinuxSecurity Advisories
    An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Important: thunderbird security update
    Advisory ID:       RHSA-2020:5146-01
    Product:           Red Hat Enterprise Linux
    Advisory URL:      https://access.redhat.com/errata/RHSA-2020:5146
    Issue date:        2020-11-18
    CVE Names:         CVE-2020-26950 
    =====================================================================
    
    1. Summary:
    
    An update for thunderbird is now available for Red Hat Enterprise Linux 8.
    
    Red Hat Product Security has rated this update as having a security impact
    of Important. A Common Vulnerability Scoring System (CVSS) base score,
    which gives a detailed severity rating, is available for each vulnerability
    from the CVE link(s) in the References section.
    
    2. Relevant releases/architectures:
    
    Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, x86_64
    
    3. Description:
    
    Mozilla Thunderbird is a standalone mail and newsgroup client.
    
    This update upgrades Thunderbird to version 78.4.3.
    
    Security Fix(es):
    
    * Mozilla: Write side effects in MCallGetProperty opcode not accounted for
    (CVE-2020-26950)
    
    For more details about the security issue(s), including the impact, a CVSS
    score, acknowledgments, and other related information, refer to the CVE
    page(s) listed in the References section.
    
    4. Solution:
    
    For details on how to apply this update, which includes the changes
    described in this advisory, refer to:
    
    https://access.redhat.com/articles/11258
    
    All running instances of Thunderbird must be restarted for the update to
    take effect.
    
    5. Bugs fixed (https://bugzilla.redhat.com/):
    
    1896306 - CVE-2020-26950 Mozilla: Write side effects in MCallGetProperty opcode not accounted for
    
    6. Package List:
    
    Red Hat Enterprise Linux AppStream (v. 8):
    
    Source:
    thunderbird-78.4.3-1.el8_3.src.rpm
    
    aarch64:
    thunderbird-78.4.3-1.el8_3.aarch64.rpm
    thunderbird-debuginfo-78.4.3-1.el8_3.aarch64.rpm
    thunderbird-debugsource-78.4.3-1.el8_3.aarch64.rpm
    
    ppc64le:
    thunderbird-78.4.3-1.el8_3.ppc64le.rpm
    thunderbird-debuginfo-78.4.3-1.el8_3.ppc64le.rpm
    thunderbird-debugsource-78.4.3-1.el8_3.ppc64le.rpm
    
    x86_64:
    thunderbird-78.4.3-1.el8_3.x86_64.rpm
    thunderbird-debuginfo-78.4.3-1.el8_3.x86_64.rpm
    thunderbird-debugsource-78.4.3-1.el8_3.x86_64.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and
    details on how to verify the signature are available from
    https://access.redhat.com/security/team/key/
    
    7. References:
    
    https://access.redhat.com/security/cve/CVE-2020-26950
    https://access.redhat.com/security/updates/classification/#important
    
    8. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2020 Red Hat, Inc.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1
    
    iQIVAwUBX7Ur/9zjgjWX9erEAQgAEA//REnUwcey9ABNZ4n4QyvWva7KlD+VOihp
    z7H79Dysk6/qpel4VP4EoO3W1fWcX7cYBk02QLcuy764O8veDA6xhfX//5ajgSlc
    AmzxIXYZvDuZEwIP1MSqd9RZ5pDQcjDqqUiAv4qr/KX4FR1GTHMiGXT8HGY73oHX
    Mcawmk+a9hf6kLeA84y7C7f5fLLXrmGNkm5zuuMz46O9YSZvDImij759meU32ghc
    nikYV128GcgSU0wH91vkRbnRT9shjDf2dqx8uvKrcStX3H1wN77+Zo7t2ggeU+M3
    LOJu8TBD0Ne8bu4edG3lfoypPxAXN4Q/s+Qzj0rsoEcTrVwcYCyF8hyqFsejztt6
    E1+EYDRpxwBstSwtb2B0Kl54UdOP1lQ0dqzrgEVd8efx40m8Zg8TRh8DRDkbDCC2
    606vhpLaAoXQgtfkRXGy+/lW4dSeQ44wmJT328BXHzZFeXIRce2jh1tUjPVbmLU5
    T9wtxItywu2zRTSS3By+uTEE8mSOA7WVXb6fGo9LmcAPe2enZ7c1idn4ny6REoLA
    sS1kf7/SORyb1JTo1oruZmYNWt++nSpIS6Pbl4EnBfoSFs4VELCyAtudSnV1BulQ
    P96RgTmTjMpEzLT79Mn3G1JXuNUhW1hTiT5rmte0lGrgG9rJcdNrrQtsPpCt9Dgl
    St9giJqbhZg=
    =H1jm
    -----END PGP SIGNATURE-----
    
    --
    RHSA-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.redhat.com/mailman/listinfo/rhsa-announce
    

    LinuxSecurity Poll

    How long have you been using Linux?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/46-how-long-have-you-been-using-linux?task=poll.vote&format=json
    46
    radio
    [{"id":"160","title":"Just made the switch!","votes":"3","type":"x","order":"1","pct":30,"resources":[]},{"id":"161","title":"1-5 years","votes":"1","type":"x","order":"2","pct":10,"resources":[]},{"id":"162","title":"6-10 years","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"163","title":">10 years - I'm a veteran!","votes":"6","type":"x","order":"4","pct":60,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.