[ALSA-2023:4954] Important: thunderbird security update
Release date:
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.0. Security Fix(es): * Mozilla: Memory corruption in IPC CanvasTranslator (CVE-2023-4573) * Mozilla: Memory corruption in IPC ColorPickerShownCallback (CVE-2023-4574) * Mozilla: Memory corruption in IPC FilePickerShownCallback (CVE-2023-4575) * Mozilla: Memory corruption in JIT UpdateRegExpStatics (CVE-2023-4577) * Mozilla: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 (CVE-2023-4584) * Mozilla: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 (CVE-2023-4585) * Mozilla: Full screen notification obscured by file open dialog (CVE-2023-4051) * Mozilla: Full screen notification obscured by external program (CVE-2023-4053) * Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception (CVE-2023-4578) * Mozilla: Push notifications saved to disk unencrypted (CVE-2023-4580) * Mozilla: XLL file extensions were downloadable without warnings (CVE-2023-4581) * Mozilla: Browsing Context potentially not cleared when closing Private Window (CVE-2023-4583) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 thunderbird-102.15.0-1.el8_8.alma.aarch64.rpm c8021a0377e53474c72f384e47fce8c59f6e862f94c8c47b20eb42d5d94145fd
aarch64 thunderbird-102.15.0-1.el8_8.alma.plus.aarch64.rpm ead128c14081eedffc2d23c0abe43c24aaa9d2a39cb7e8bdc0b0fa63c59b5776
ppc64le thunderbird-102.15.0-1.el8_8.alma.plus.ppc64le.rpm aef8d297fd8bbfa2476f0f1d1d22bc9cbacbd2874e6a271ede5ec2b548789724
ppc64le thunderbird-102.15.0-1.el8_8.alma.ppc64le.rpm f7f79c2d1d32b6ea8e2f85e8e1330bcb27cef85aa50c98a927adc1ba1949b5d9
s390x thunderbird-102.15.0-1.el8_8.alma.s390x.rpm 2e9a03ad163dcde635795fd50d1551846dd1eca24310b945734174ae5b661762
s390x thunderbird-102.15.0-1.el8_8.alma.plus.s390x.rpm c047d1ada73c7cdde3c7cd8a4f5f1addf162cd53d370c19a1be263fb4cfed8a9
x86_64 thunderbird-102.15.0-1.el8_8.alma.plus.x86_64.rpm a6b958a7af2d73e54da4ef1773f3cbdfaf70c79c8d40d012f281c2d631454a50
x86_64 thunderbird-102.15.0-1.el8_8.alma.x86_64.rpm f47444b6382876cc4c3995329cc05e90829f3ba68d6f64be2ea19954233612a1
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.