[ALSA-2023:4063] Important: thunderbird security update
Type:
security
Severity:
important
Release date:
2023-07-14
Description:
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.13.0. Security Fix(es): * Mozilla: Use-after-free in WebRTC certificate generation (CVE-2023-37201) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-37202) * Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 (CVE-2023-37211) * Mozilla: Fullscreen notification obscured (CVE-2023-37207) * Mozilla: Lack of warning when opening Diagcab files (CVE-2023-37208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 thunderbird-102.13.0-2.el8_8.alma.aarch64.rpm 7e6d72dad250d07a987f6551ad8081fdb1fa86a8298ef51c2a2abc1f92170096
ppc64le thunderbird-102.13.0-2.el8_8.alma.ppc64le.rpm 9195e18afe16bb95b74d1b5df6b2ac86dd5b8ed4ab2aec8885149ee57f0396e4
s390x thunderbird-102.13.0-2.el8_8.alma.s390x.rpm 95af641a1478d238f532beb51b38ff7be8e61832b97334e399a8601174237873
x86_64 thunderbird-102.13.0-2.el8_8.alma.x86_64.rpm c14404d32b36cb56181a0addcab0890e9772e04593826f662f0b1d2589119218
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.