Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.5.0.
Security Fix(es):
* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)
* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)
* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)
* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)
* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)
* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)
* Mozilla: Incorrect parsing of relative URLs starting with "///" (CVE-2023-6209)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
thunderbird-115.5.0-1.el8_9.alma.plus.aarch64.rpm |
247cd765503f51f1ecbd0d21ca27d2c3fd2a95461f1d19f9d8c36358692f30af |
| aarch64 |
thunderbird-115.5.0-1.el8_9.alma.1.aarch64.rpm |
d84ba545e7279b25aee2685f0b6be1f841c8d919d9eccaa8b2dfa3ad0632f14f |
| ppc64le |
thunderbird-115.5.0-1.el8_9.alma.1.ppc64le.rpm |
6f06ef0918c606d12633145e4e984e12feee5da3b3da9cab7516bffbaeb918cb |
| ppc64le |
thunderbird-115.5.0-1.el8_9.alma.plus.ppc64le.rpm |
91d9637ecefb85c199d0a777f8e768f5758f836aee8d912d2df88bc08a774668 |
| s390x |
thunderbird-115.5.0-1.el8_9.alma.plus.s390x.rpm |
24aa7da6c32881c904a8c952dbd9b2b0790ecb5f74b0a1d176731db462b2635a |
| s390x |
thunderbird-115.5.0-1.el8_9.alma.1.s390x.rpm |
91198d8ab3e720f03d6a55030d464ac2ccf93bf2c93fc4b8d978ae4fbdbc2e8c |
| x86_64 |
thunderbird-115.5.0-1.el8_9.alma.1.x86_64.rpm |
94b66e132c7984345ef8e715aa3d89d905e8b7eb385cc860e76f3024f43feba6 |
| x86_64 |
thunderbird-115.5.0-1.el8_9.alma.plus.x86_64.rpm |
f8632f0ac829896953c9d5783bea9dbaf76577ecd2a52b3cbb23bd9ff04e5af4 |
