Ubuntu 3112-1: Thunderbird vulnerabilities

    Date27 Oct 2016
    CategoryUbuntu
    48
    Posted ByLinuxSecurity Advisories
    Several security issues were fixed in Thunderbird.
    ==========================================================================
    Ubuntu Security Notice USN-3112-1
    October 27, 2016
    
    thunderbird vulnerabilities
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 16.10
    - Ubuntu 16.04 LTS
    - Ubuntu 14.04 LTS
    - Ubuntu 12.04 LTS
    
    Summary:
    
    Several security issues were fixed in Thunderbird.
    
    Software Description:
    - thunderbird: Mozilla Open Source mail and newsgroup client
    
    Details:
    
    Catalin Dumitru discovered that URLs of resources loaded after a
    navigation start could be leaked to the following page via the Resource
    Timing API. If a user were tricked in to opening a specially crafted
    website in a browsing context, an attacker could potentially exploit this
    to obtain sensitive information. (CVE-2016-5250)
    
    Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard,
    Steve Fink, Tyson Smith, and Carsten Book discovered multiple memory
    safety issues in Thunderbird. If a user were tricked in to opening a
    specially crafted message, an attacker could potentially exploit these to
    cause a denial of service via application crash, or execute arbitrary
    code. (CVE-2016-5257)
    
    Atte Kettunen discovered a heap buffer overflow during text conversion
    with some unicode characters. If a user were tricked in to opening a
    specially crafted message, an attacker could potentially exploit this to
    cause a denial of service via application crash, or execute arbitrary
    code. (CVE-2016-5270)
    
    Abhishek Arya discovered a bad cast when processing layout with input
    elements in some circumstances. If a user were tricked in to opening a
    specially crafted website in a browsing context, an attacker could
    potentially exploit this to cause a denial of service via application
    crash, or execute arbitrary code. (CVE-2016-5272)
    
    A use-after-free was discovered in web animations during restyling. If a
    user were tricked in to opening a specially crafted website in a browsing
    context, an attacker could potentially exploit this to cause a denial of
    service via application crash, or execute arbitrary code. (CVE-2016-5274)
    
    A use-after-free was discovered in accessibility. If a user were tricked
    in to opening a specially crafted website in a browsing context, an
    attacker could potentially exploit this to cause a denial of service via
    application crash, or execute arbitrary code. (CVE-2016-5276)
    
    A use-after-free was discovered in web animations when destroying a
    timeline. If a user were tricked in to opening a specially crafted
    website in a browsing context, an attacker could potentially exploit this
    to cause a denial of service via application crash, or execute arbitrary
    code. (CVE-2016-5277)
    
    A buffer overflow was discovered when encoding image frames to images in
    some circumstances. If a user were tricked in to opening a specially
    crafted message, an attacker could potentially exploit this to cause a
    denial of service via application crash, or execute arbitrary code.
    (CVE-2016-5278)
    
    Mei Wang discovered a use-after-free when changing text direction. If a
    user were tricked in to opening a specially crafted website in a browsing
    context, an attacker could potentially exploit this to cause a denial of
    service via application crash, or execute arbitrary code. (CVE-2016-5280)
    
    Brian Carpenter discovered a use-after-free when manipulating SVG content
    in some circumstances. If a user were tricked in to opening a specially
    crafted website in a browsing context, an attacker could potentially
    exploit this to cause a denial of service via application crash, or
    execute arbitrary code. (CVE-2016-5281)
    
    An issue was discovered with the preloaded Public Key Pinning (HPKP). If
    a man-in-the-middle (MITM) attacker was able to obtain a fraudulent
    certificate for a Mozilla site, they could exploit this by providing
    malicious addon updates. (CVE-2016-5284)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 16.10:
      thunderbird                     1:45.4.0+build1-0ubuntu0.16.10.1
    
    Ubuntu 16.04 LTS:
      thunderbird                     1:45.4.0+build1-0ubuntu0.16.04.1
    
    Ubuntu 14.04 LTS:
      thunderbird                     1:45.4.0+build1-0ubuntu0.14.04.1
    
    Ubuntu 12.04 LTS:
      thunderbird                     1:45.4.0+build1-0ubuntu0.12.04.1
    
    After a standard system update you need to restart Thunderbird to make
    all the necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-3112-1
      CVE-2016-5250, CVE-2016-5257, CVE-2016-5270, CVE-2016-5272,
      CVE-2016-5274, CVE-2016-5276, CVE-2016-5277, CVE-2016-5278,
      CVE-2016-5280, CVE-2016-5281, CVE-2016-5284
    
    Package Information:
      https://launchpad.net/ubuntu/+source/thunderbird/1:45.4.0+build1-0ubuntu0.16.10.1
      https://launchpad.net/ubuntu/+source/thunderbird/1:45.4.0+build1-0ubuntu0.16.04.1
      https://launchpad.net/ubuntu/+source/thunderbird/1:45.4.0+build1-0ubuntu0.14.04.1
      https://launchpad.net/ubuntu/+source/thunderbird/1:45.4.0+build1-0ubuntu0.12.04.1
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":53.49,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.63,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":34.88,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.