SciLinux: Important: thunderbird on SL6.x i386/x86_64

    Date04 Jun 2019
    478
    Posted ByLinuxSecurity Advisories
    Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) * Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817) * Mozilla: Compartment mismatch with fetch API (CVE-2019-9819) * Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820) * Mozilla: Use-a [More...]
    Synopsis:          Important: thunderbird security update
    Advisory ID:       SLSA-2019:1310-1
    Issue Date:        2019-06-04
    CVE Numbers:       None
    --
    
    Security Fix(es):
    
    * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7
    (CVE-2019-9800)
    
    * Mozilla: Cross-origin theft of images with createImageBitmap
    (CVE-2019-9797)
    
    * Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817)
    
    * Mozilla: Compartment mismatch with fetch API (CVE-2019-9819)
    
    * Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820)
    
    * Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691)
    
    * Mozilla: Use-after-free removing listeners in the event listener manager
    (CVE-2019-11692)
    
    * Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693)
    
    * mozilla: Cross-origin theft of images with ImageBitmapRenderingContext
    (CVE-2018-18511)
    
    * chromium-browser: Out of bounds read in Skia (CVE-2019-5798)
    
    * Mozilla: Theft of user history data through drag and drop of hyperlinks
    to and from bookmarks (CVE-2019-11698)
    
    * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
    --
    
    SL6
      x86_64
        thunderbird-60.7.0-1.el6_10.x86_64.rpm
        thunderbird-debuginfo-60.7.0-1.el6_10.x86_64.rpm
      i386
        thunderbird-60.7.0-1.el6_10.i686.rpm
        thunderbird-debuginfo-60.7.0-1.el6_10.i686.rpm
    
    - Scientific Linux Development Team
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Have you used our RSS feeds?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    21
    radio
    [{"id":"77","title":"Yes, for articles","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"78","title":"Yes, for advisories","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"79","title":"Hybrid that contains both","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"80","title":"No","votes":"0","type":"x","order":"4","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.