Описание
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 102.10.0.
Security Fix(es):
-
Thunderbird: Revocation status of S/Mime recipient certificates was not checked (CVE-2023-0547)
-
Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack (CVE-2023-28427)
-
Mozilla: Fullscreen notification obscured (CVE-2023-29533)
-
Mozilla: Potential Memory Corruption following Garbage Collector compaction (CVE-2023-29535)
-
Mozilla: Invalid free from JavaScript code (CVE-2023-29536)
-
Mozilla: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 (CVE-2023-29550)
-
Mozilla: Memory Corruption in Safe Browsing Code (CVE-2023-1945)
-
Thunderbird: Hang when processing certain OpenPGP messages (CVE-2023-29479)
-
Mozilla: Content-Disposition filename truncation leads to Reflected File Download (CVE-2023-29539)
-
Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux (CVE-2023-29541)
-
Mozilla: Incorrect optimization result on ARM64 (CVE-2023-29548)
-
MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp (BZ#2186102)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Затронутые продукты
Rocky Linux 9
Ссылки на источники
Исправления
- Red Hat - 2183278
- Red Hat - 2186101
- Red Hat - 2186102
- Red Hat - 2186103
- Red Hat - 2186104
- Red Hat - 2186105
- Red Hat - 2186106
- Red Hat - 2186109
- Red Hat - 2186110
- Red Hat - 2186111
- Red Hat - 2186734
- Red Hat - 2186735
