Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Thunderbird.
Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client
Details:
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
bypass security restrictions, obtain sensitive information, cause
undefined behaviour, spoof the browser UI, or execute arbitrary code.
(CVE-2022-22759, CVE-2022-22760, CVE-2022-22761, CVE-2022-22763,
CVE-2022-22764, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384)
It was discovered that extensions of a particular type could auto-update
themselves and bypass the prompt that requests permissions. If a user
were tricked into installing a specially crafted extension, an attacker
could potentially exploit this to bypass security restrictions.
(CVE-2022-22754)
It was discovered that dragging and dropping an...
The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: thunderbird 1:91.7.0+build2-0ubuntu0.21.10.1 Ubuntu 20.04 LTS: thunderbird 1:91.7.0+build2-0ubuntu0.20.04.1 Ubuntu 18.04 LTS: thunderbird 1:91.7.0+build2-0ubuntu0.18.04.1 After a standard system update you need to restart Thunderbird to make all the necessary changes.
https://ubuntu.com/security/notices/USN-5345-1
CVE-2022-0566, CVE-2022-22754, CVE-2022-22756, CVE-2022-22759,
CVE-2022-22760, CVE-2022-22761, CVE-2022-22763, CVE-2022-22764,
CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26386,
CVE-2022-26387
Get the latest Linux and open source security news straight to your inbox.