exploitDog

RLSA-2022:6164

Опубликовано: 24 авг. 2022

Источник: rocky

Оценка: Important

Описание

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 91.13.0.

Security Fix(es):

Mozilla: Address bar spoofing via XSLT error handling (CVE-2022-38472)
Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions (CVE-2022-38473)
Mozilla: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 (CVE-2022-38477)
Mozilla: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 (CVE-2022-38478)
Mozilla: Data race and potential use-after-free in PK11_ChangePW (CVE-2022-38476)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Наименование	Архитектура	Релиз	RPM
thunderbird	x86_64	1.el8_6	thunderbird-91.13.0-1.el8_6.x86_64.rpm

Показывать по

Связанные CVE

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2120673
Red Hat - 2120673
https://bugzilla.redhat.com/show_bug.cgi?id=2120674
Red Hat - 2120674
https://bugzilla.redhat.com/show_bug.cgi?id=2120678
Red Hat - 2120678
https://bugzilla.redhat.com/show_bug.cgi?id=2120695
Red Hat - 2120695
https://bugzilla.redhat.com/show_bug.cgi?id=2120696
Red Hat - 2120696

Связанные уязвимости

RLSA-2022:6175

rocky

больше 3 лет назад

Important: firefox security update

ELSA-2022-6179

oracle-oval

больше 3 лет назад

ELSA-2022-6179: firefox security update (IMPORTANT)

ELSA-2022-6175

oracle-oval

больше 3 лет назад

ELSA-2022-6175: firefox security update (IMPORTANT)

ELSA-2022-6174

oracle-oval

больше 3 лет назад

ELSA-2022-6174: firefox security update (IMPORTANT)

ELSA-2022-6169

oracle-oval

больше 3 лет назад

ELSA-2022-6169: thunderbird security update (IMPORTANT)