Security fix for the ALT Linux 10 package thunderbird version 60.7.0-alt1


May 20, 2019 Andrey Cherepanov 60.7.0-alt1 - New version (60.7.0). - Fixed: + CVE-2019-9815 Disable hyperthreading on content JavaScript threads on macOS + CVE-2019-9816 Type confusion with object groups and UnboxedObjects + CVE-2019-9817 Stealing of cross-domain images using canvas + CVE-2019-9818 Use-after-free in crash generation server + CVE-2019-9819 Compartment mismatch with fetch API + CVE-2019-9820 Use-after-free of ChromeEventHandler by DocShell + CVE-2019-11691 Use-after-free in XMLHttpRequest + CVE-2019-11692 Use-after-free removing listeners in the event listener manager + CVE-2019-11693 Buffer overflow in WebGL bufferdata on Linux + CVE-2019-7317 Use-after-free in png_image_free of libpng library + CVE-2019-9797 Cross-origin theft of images with createImageBitmap + CVE-2018-18511 Cross-origin theft of images with ImageBitmapRenderingContext + CVE-2019-11694 Uninitialized memory memory leakage in Windows sandbox + CVE-2019-11698 Theft of user history data through drag and drop of hyperlinks to and from bookmarks + CVE-2019-5798 Out-of-bounds read in Skia + CVE-2019-9800 Memory safety bugs fixed in Firefox 67, Firefox ESR 60.7, and Thunderbird 60.7

Affected Package

OS OS Version Package Name Package Version
ALT Linux 10 thunderbird-102.9.0-alt1.src.rpm 60.7.0-alt1
ALT Linux 10 rpm-build-thunderbird-102.9.0-alt1.x86_64.rpm 60.7.0-alt1
ALT Linux 10 thunderbird-102.9.0-alt1.x86_64.rpm 60.7.0-alt1
ALT Linux 10 thunderbird-wayland-102.9.0-alt1.x86_64.rpm 60.7.0-alt1
ALT Linux 10 rpm-build-thunderbird-102.9.0-alt1.i586.rpm 60.7.0-alt1
ALT Linux 10 thunderbird-102.9.0-alt1.i586.rpm 60.7.0-alt1
ALT Linux 10 thunderbird-wayland-102.9.0-alt1.i586.rpm 60.7.0-alt1
ALT Linux 10 rpm-build-thunderbird-102.9.0-alt1.aarch64.rpm 60.7.0-alt1
ALT Linux 10 thunderbird-102.9.0-alt1.aarch64.rpm 60.7.0-alt1
ALT Linux 10 thunderbird-wayland-102.9.0-alt1.aarch64.rpm 60.7.0-alt1
ALT Linux 10 rpm-build-thunderbird-102.9.0-alt1.ppc64le.rpm 60.7.0-alt1
ALT Linux 10 thunderbird-102.9.0-alt1.ppc64le.rpm 60.7.0-alt1
ALT Linux 10 thunderbird-wayland-102.9.0-alt1.ppc64le.rpm 60.7.0-alt1
ALT Linux 10 i586-thunderbird-102.9.0-alt1.i586.rpm 60.7.0-alt1