Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Ubuntu 7066-1: Thunderbird Security Advisory Updates

ubuntu
Calendar Grey October 14, 2024
Scroller Ubuntu
Thunderbird security advisory USN-7066-1 addresses a critical arbitrary code execution risk in Ubuntu's email client.
Thunderbird could be made to crash or run programs if it opened a specially crafted file.

Summary

Thunderbird could be made to crash or run programs if it opened a specially

crafted file.

Software Description:

- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Damien Schaeffer discovered that Thunderbird did not properly manage

certain memory operations when processing content in the Animation

timelines. An attacker could potentially exploit this issue to achieve

arbitrary code execution.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
  thunderbird                     1:115.16.0+build2-0ubuntu0.22.04.1

Ubuntu 20.04 LTS
  thunderbird                     1:115.16.0+build2-0ubuntu0.20.04.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7066-1

CVE-2024-9680

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7066-1

Topics%20covered

Topics Covered

No topics assigned

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.