Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.3.1.
Security Fix(es):
* firefox: use-after-free in workers (CVE-2023-3600)
* Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169)
* Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171)
* Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176)
* libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
thunderbird-115.3.1-1.el9_2.alma.plus.aarch64.rpm |
10b4b8aa9e743dc98fc106dae8c0079606169f16890e9ea9ba0eeca681e7c939 |
| aarch64 |
thunderbird-115.3.1-1.el9_2.alma.aarch64.rpm |
2ff7f9986c978b62d06f5a3b57823663b86a6148e3e4e6e3f2b3c1fa2d268d80 |
| ppc64le |
thunderbird-115.3.1-1.el9_2.alma.ppc64le.rpm |
50478017a3004f5fbe399f6f117dc2d95da7bf21939f8c80ed07f9a08c31c336 |
| ppc64le |
thunderbird-115.3.1-1.el9_2.alma.plus.ppc64le.rpm |
f7bdb924d038579dcc5fd45b9ca9eafb4fcb75fab4c3b46c133be245868739a7 |
| s390x |
thunderbird-115.3.1-1.el9_2.alma.s390x.rpm |
5184ae1fccf3ede845b79544f995743b1011e287ebd2aa9892ab52690870ecd1 |
| s390x |
thunderbird-115.3.1-1.el9_2.alma.plus.s390x.rpm |
d63c140a631bcb26dc44ed24690346026feb8b3a4af2bb4cbb8a4a0e32ae061a |
| x86_64 |
thunderbird-115.3.1-1.el9_2.alma.x86_64.rpm |
1c980ce5052c198836ca6cd6367afd3556cd0ea1a139f06b122d366faeae9449 |
| x86_64 |
thunderbird-115.3.1-1.el9_2.alma.plus.x86_64.rpm |
e6d466469b97171e92448a215b3b0b579744fdce86322168a54b710ab9515bce |
