Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.8.0.
Security Fix(es):
* Mozilla: Out-of-bounds memory read in networking channels (CVE-2024-1546)
* Mozilla: Alert dialog could have been spoofed on another site (CVE-2024-1547)
* Mozilla: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 (CVE-2024-1553)
* Mozilla: Fullscreen Notification could have been hidden by select element (CVE-2024-1548)
* Mozilla: Custom cursor could obscure the permission dialog (CVE-2024-1549)
* Mozilla: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants (CVE-2024-1550)
* Mozilla: Multipart HTTP Responses would accept the Set-Cookie header in response parts (CVE-2024-1551)
* Mozilla: Incorrect code generation on 32-bit ARM devices (CVE-2024-1552)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture |
Package |
Checksum |
aarch64 |
thunderbird-115.8.0-1.el9_3.alma.aarch64.rpm |
df038211b27d5b2a5790c4067ed68ea6ca648ecaa6cb0a3d6bc53ea192998dc8 |
ppc64le |
thunderbird-115.8.0-1.el9_3.alma.ppc64le.rpm |
231ac4ceda7eaccedd665d30a4f2ac1f76601395f951868e37c93395d4faeb63 |
s390x |
thunderbird-115.8.0-1.el9_3.alma.s390x.rpm |
a55928bed8677be281530ed99b6b9c5a261a2277a83ecdbe3bd29ee521d42db4 |
x86_64 |
thunderbird-115.8.0-1.el9_3.alma.x86_64.rpm |
700ae1ba5e311f0dbfeb4d2838e03d6c23e375b9f379eff347d06c7cca4eb7d4 |