Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.4.1.
Security Fix(es):
* Mozilla: Queued up rendering could have allowed websites to clickjack (CVE-2023-5721)
* Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4 (CVE-2023-5730)
* libvpx: crash related to VP9 encoding in libvpx (CVE-2023-44488)
* Mozilla: Large WebGL draw could have led to a crash (CVE-2023-5724)
* Mozilla: WebExtensions could open arbitrary URLs (CVE-2023-5725)
* Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash. (CVE-2023-5728)
* Mozilla: Address bar spoofing via bidirectional characters (CVE-2023-5732)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
thunderbird-115.4.1-1.el8_8.alma.plus.aarch64.rpm |
6564a89039595f1bee7b6f5e40232dc9ac17d7d6c7e3c85fc1e2d8c772955a81 |
| aarch64 |
thunderbird-115.4.1-1.el8_8.alma.1.aarch64.rpm |
88dc1b156cd0e8b5d446f0ae6ae113ca9f89a4439b441cff312f308163890329 |
| ppc64le |
thunderbird-115.4.1-1.el8_8.alma.1.ppc64le.rpm |
7f2b82a52098221dcd985712be7f55817f5df271aadd820aeeff99bb10361b8b |
| ppc64le |
thunderbird-115.4.1-1.el8_8.alma.plus.ppc64le.rpm |
f0632a560c3f39ec3446c6a3ffe485760799016a935d59f0b269d4b86083b9e9 |
| s390x |
thunderbird-115.4.1-1.el8_8.alma.plus.s390x.rpm |
7d16348181ba3d58c5976bbe2cd65d9e5c875d9827ae5927fe4fad3bdce6d219 |
| s390x |
thunderbird-115.4.1-1.el8_8.alma.1.s390x.rpm |
d086d17ae54e5d4e25a3ac01f3a5680385d1c7070e1fcff22a4f7fdcb7d375a1 |
| x86_64 |
thunderbird-115.4.1-1.el8_8.alma.plus.x86_64.rpm |
01cbc04cc9c501cf8e9a22b335cff52e784ec694da04b04b44d1d613a10e6f7f |
| x86_64 |
thunderbird-115.4.1-1.el8_8.alma.1.x86_64.rpm |
9cf86f6fe15bd19f9e012fe50f53b523636d7a890211563632227e7c08ec64ae |
