Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Ubuntu 21.10 USN-5393-1 Critical: Thunderbird DoS Threats

Calendar Apr 27, 2022 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service critical ubuntu thunderbird
Several security issues were fixed in Thunderbird. 
=========================================================================Ubuntu Security Notice USN-5393-1
April 27, 2022

thunderbird vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
conduct spoofing attacks, or execute arbitrary code. (CVE-2022-1097,
CVE-2022-1196, CVE-2022-28281, CVE-2022-28282, CVE-2022-28285,
CVE-2022-28286, CVE-2022-28289)

It was discovered that Thunderbird ignored OpenPGP revocation when
importing a revoked key in some circumstances. An attacker could
potentially exploit this by tricking the user into trusting the
authenticity of a message or tricking them into use a revoked key to
send an encrypted message. (CVE-2022-1197)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
  thunderbird                     1:91.8.1+build1-0ubuntu0.21.10.1

Ubuntu 20.04 LTS:
  thunderbird                     1:91.8.1+build1-0ubuntu0.20.04.1

Ubuntu 18.04 LTS:
  thunderbird                     1:91.8.1+build1-0ubuntu0.18.04.1

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5393-1
  CVE-2022-1097, CVE-2022-1196, CVE-2022-1197, CVE-2022-28281,
  CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-28289

Package Information:
  https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.21.10.1
  https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.18.04.1

Ubuntu 21.10 USN-5393-1 Critical: Thunderbird DoS Threats

ubuntu
Calendar Grey April 27, 2022
Dist Ubuntu Esm H88
Numerous vulnerabilities addressed in Thunderbird for Ubuntu versions. Enhancements promote user confidence and operational efficiency.
Several security issues were fixed in Thunderbird.

Summary

Topics%20covered

Topics Covered

security advisory denial of service critical ubuntu thunderbird

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: thunderbird 1:91.8.1+build1-0ubuntu0.21.10.1 Ubuntu 20.04 LTS: thunderbird 1:91.8.1+build1-0ubuntu0.20.04.1 Ubuntu 18.04 LTS: thunderbird 1:91.8.1+build1-0ubuntu0.18.04.1 After a standard system update you need to restart Thunderbird to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5393-1

CVE-2022-1097, CVE-2022-1196, CVE-2022-1197, CVE-2022-28281,

CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-28289

Severity
critical
Lowest
Low
Medium
High
Critical

April 27, 2022

Topics%20covered

Topics Covered

security advisory denial of service critical ubuntu thunderbird

Package Information

https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.21.10.1 https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.20.04.1 https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.18.04.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here