Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.5.0.
Security Fix(es):
* Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204)
* Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205)
* Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206)
* Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207)
* Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212)
* Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208)
* Mozilla: Incorrect parsing of relative URLs starting with "///" (CVE-2023-6209)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
thunderbird-115.5.0-1.el9_3.alma.plus.aarch64.rpm |
2f7dc4264c32d069304f399f6f09009ab0ea6615b84e80f9b15d394951cdaa95 |
| aarch64 |
thunderbird-115.5.0-1.el9_3.alma.aarch64.rpm |
89579f2615695b4a7464cc69b61f88937ec19701d5769f8bf9c731e11e7ff394 |
| ppc64le |
thunderbird-115.5.0-1.el9_3.alma.plus.ppc64le.rpm |
0360e7831aafba79eb0a38a9137f8da935b465e5d2f8c50e6727c8a765c4f753 |
| ppc64le |
thunderbird-115.5.0-1.el9_3.alma.ppc64le.rpm |
9cfb2211851cfe3c5082093a505703c0e280f2c2af47bac78199f51b9efad07b |
| s390x |
thunderbird-115.5.0-1.el9_3.alma.plus.s390x.rpm |
9edd8c714b8725fb36e2ed6a5c18f653a60dd52a45518aa20a8a04b02d810de6 |
| s390x |
thunderbird-115.5.0-1.el9_3.alma.s390x.rpm |
f48d10c3f7af0953cf150d6be03763849eeb2c92aa6d196e019ab1fad478f5a8 |
| x86_64 |
thunderbird-115.5.0-1.el9_3.alma.x86_64.rpm |
823f85952938f2a34848eb53501af8a382b7f176c92ac94346629be48b0dde94 |
| x86_64 |
thunderbird-115.5.0-1.el9_3.alma.plus.x86_64.rpm |
9da805ee71ab4f89581b1d8ac5ca870326b8da03cb1e29ba4bcf3880ae8dff89 |
