Описание
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
-
firefox: thunderbird: Large branch table could lead to truncated instruction (CVE-2025-8028)
-
firefox: thunderbird: Memory safety bugs (CVE-2025-8035)
-
firefox: thunderbird: Incorrect URL stripping in CSP reports (CVE-2025-8031)
-
firefox: thunderbird: JavaScript engine only wrote partial return value to stack (CVE-2025-8027)
-
firefox: thunderbird: Potential user-assisted code execution in ?Copy as cURL? command (CVE-2025-8030)
-
firefox: Memory safety bugs (CVE-2025-8034)
-
firefox: thunderbird: Incorrect JavaScript state machine for generators (CVE-2025-8033)
-
firefox: thunderbird: XSLT documents could bypass CSP (CVE-2025-8032)
-
firefox: thunderbird: javascript: URLs executed on object and embed tags (CVE-2025-8029)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Затронутые продукты
Rocky Linux 8
Ссылки на источники
Исправления
- Red Hat - 2382701
- Red Hat - 2382703
- Red Hat - 2382704
- Red Hat - 2382707
- Red Hat - 2382710
- Red Hat - 2382711
- Red Hat - 2382717
- Red Hat - 2382718
- Red Hat - 2382720
