Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.4.1.
Security Fix(es):
* Mozilla: Queued up rendering could have allowed websites to clickjack (CVE-2023-5721)
* Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4 (CVE-2023-5730)
* libvpx: crash related to VP9 encoding in libvpx (CVE-2023-44488)
* Mozilla: Large WebGL draw could have led to a crash (CVE-2023-5724)
* Mozilla: WebExtensions could open arbitrary URLs (CVE-2023-5725)
* Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash. (CVE-2023-5728)
* Mozilla: Address bar spoofing via bidirectional characters (CVE-2023-5732)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
thunderbird-115.4.1-1.el9_2.alma.aarch64.rpm |
0456140242b7a5bb7323e8168ba5423f5bb76942815e83606363703344b2a413 |
| aarch64 |
thunderbird-115.4.1-1.el9_2.alma.plus.aarch64.rpm |
9b2887fd3ccb40018ad00d0b34bdb320c1b5953ee7b01d9a907e3eca851a875c |
| ppc64le |
thunderbird-115.4.1-1.el9_2.alma.ppc64le.rpm |
3fd929efb4a4cbdb5cb0fdf1fa3e57fe936fb60858a7ef459ba68712d040bb60 |
| ppc64le |
thunderbird-115.4.1-1.el9_2.alma.plus.ppc64le.rpm |
64c3c5637c8db4e71245e0e23ed117b5c85cc98d4dc8c3e666012bc61b363b31 |
| s390x |
thunderbird-115.4.1-1.el9_2.alma.plus.s390x.rpm |
5ec96dab8a66792160cd66c93a14db65dbe72d648a02186b4990a516d7f0ad91 |
| s390x |
thunderbird-115.4.1-1.el9_2.alma.s390x.rpm |
d4a39453c1e0802218065773e895132f22d34e4983b5adf326991096a7331b9d |
| x86_64 |
thunderbird-115.4.1-1.el9_2.alma.x86_64.rpm |
2782e62ef26f3bfdcba54e0eb9ecf13e64c3ccc31342c8979460a13abf049016 |
| x86_64 |
thunderbird-115.4.1-1.el9_2.alma.plus.x86_64.rpm |
342b0f377135a699b68a5f4c4c8a90e6b9ed6fc6435a3a455a25ef3d3354b24c |
