Stay Secure with the Latest Linux Advisories

security advisorysecurity updateimportant

Rocky Linux 9: RLSA-2024:4624 Important: Thunderbird Security Update

Important: thunderbird security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:4624", "synopsis": "Important: thunderbird security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for thunderbird.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* Mozilla: Race condition in permission assignment (CVE-2024-6601)\n\n* Mozilla: Memory corruption in thread creation (CVE-2024-6603)\n\n* Mozilla: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 (CVE-2024-6604)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2296636", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2296636", "description": ""}, {"ticket": "2296638", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2296638", "description": ""}, {"ticket": "2296639", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2296639", "description": ""}], "cves": [{"name": "CVE-2024-6601", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-6601", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-281"}, {"name": "CVE-2024-6603", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-6603", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-119"}, {"name": "CVE-2024-6604", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-6604", "cvss3ScoringVector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-120"}], "references": [], "publishedAt": "2024-07-26T12:33:59.522203Z", "rpms": {"Rocky Linux 9": {"nvras": ["thunderbird-0:115.13.0-3.el9_4.aarch64.rpm", "thunderbird-0:115.13.0-3.el9_4.ppc64le.rpm", "thunderbird-0:115.13.0-3.el9_4.s390x.rpm", "thunderbird-0:115.13.0-3.el9_4.src.rpm", "thunderbird-0:115.13.0-3.el9_4.x86_64.rpm", "thunderbird-debuginfo-0:115.13.0-3.el9_4.aarch64.rpm", "thunderbird-debuginfo-0:115.13.0-3.el9_4.ppc64le.rpm", "thunderbird-debuginfo-0:115.13.0-3.el9_4.s390x.rpm", "thunderbird-debuginfo-0:115.13.0-3.el9_4.x86_64.rpm", "thunderbird-debugsource-0:115.13.0-3.el9_4.aarch64.rpm", "thunderbird-debugsource-0:115.13.0-3.el9_4.ppc64le.rpm", "thunderbird-debugsource-0:115.13.0-3.el9_4.s390x.rpm", "thunderbird-debugsource-0:115.13.0-3.el9_4.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. The latest update for Mozilla Thunderbird on Rocky Linux addresses critical security flaws related to memory safety and permissions issues.. Thunderbird Security Update, Rocky Linux Advisory, Mozilla Vulnerability Fix. . Severity: Important. LinuxSecurity.com Team

Jul 26, 2024 •Important Rocky Linux