[ALSA-2024:2888] Important: thunderbird security update
Release date:
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.11.0. Security Fix(es): * firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) * firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) * firefox: Potential permissions request bypass via clickjacking (CVE-2024-4768) * firefox: Cross-origin responses could be distinguished between script and non-script content-types (CVE-2024-4769) * firefox: Use-after-free could occur when printing to PDF (CVE-2024-4770) * firefox: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 (CVE-2024-4777) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 thunderbird-115.11.0-1.el9_4.alma.1.aarch64.rpm 3045304284994154f7735028e6822ad41d7a3b0df07ced48f8616c7d296ee045
ppc64le thunderbird-115.11.0-1.el9_4.alma.1.ppc64le.rpm ac8da7468118bda7a4b56987e666aeeb1585031ddc83bc5f426bf5f046999911
s390x thunderbird-115.11.0-1.el9_4.alma.1.s390x.rpm c9502b1644983b23ece27f85a81724480070c2cca71db00c209a12d7f62edba5
x86_64 thunderbird-115.11.0-1.el9_4.alma.1.x86_64.rpm 0bf83f699f1692358c870fbebb9167933d77fbfbea243a5bfabb3db829e5a13a
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.