Lucene search

K
altlinuxHttps://packages.altlinux.org/en/sisyphus/security/DE0595C8795786E32BC3A5A4D992D28C
HistoryJan 26, 2023 - 12:00 a.m.

Security fix for the ALT Linux 10 package thunderbird version 102.7.0-alt1

2023-01-2600:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
6
alt linux 10
thunderbird 102.7.0-alt1
security fixes
cve-2022-46871
cve-2023-23598
cve-2023-23599
cve-2023-23601
cve-2023-23602
cve-2022-46877
cve-2023-23603
cve-2023-23605
memory safety bugs

EPSS

0.003

Percentile

72.0%

102.7.0-alt1 built Jan. 26, 2023 Pavel Vasenkov in task #314033

Jan. 24, 2023 Pavel Vasenkov

- New version.
- Security fixes:
  + CVE-2022-46871 libusrsctp library out of date
  + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux
  + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows
  + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation
  + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers
  + CVE-2022-46877 Fullscreen notification bypass
  + CVE-2023-23603 Calls to &LTcode>console.log&LT/code> allowed bypasing Content Security Policy via format directive
  + CVE-2023-23605 Memory safety bugs fixed in Thunderbird 102.7