ALSA-2023:3587

[ALSA-2023:3587] Important: thunderbird security update

Type:

security

Severity:

important

Release date:

2023-06-21

Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.12.0.

Security Fix(es):

* Mozilla: Click-jacking certificate exceptions through rendering lag (CVE-2023-34414)
* Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 (CVE-2023-34416)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	thunderbird-102.12.0-1.el9_2.alma.aarch64.rpm	0a01fb05e6350c2b309ededaa89cdf1615922f5a644bfeab27989f0939d69e76
ppc64le	thunderbird-102.12.0-1.el9_2.alma.ppc64le.rpm	187da1caa9e90c9541ba2d9a2714baad9246f10618316e3da69561ff9a58963b
s390x	thunderbird-102.12.0-1.el9_2.alma.s390x.rpm	f6355d6eaf70448b6476f8db90a478621c91dcfbddca5bc74d804d18e302cf48
x86_64	thunderbird-102.12.0-1.el9_2.alma.x86_64.rpm	3901900ee2fc50e09c7a29a1e3b447352319367835f09ae0c4a61a9072162434

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.