Mozilla Firefox, SeaMonkey, Thunderbird: Multiple vulnerabilities

2017-01-03T00:00:00
ID GLSA-201701-15
Type gentoo
Reporter Gentoo Foundation
Modified 2017-01-03T00:00:00

Description

Background

Mozilla Firefox is a cross-platform web browser from Mozilla. The Mozilla Thunderbird mail client is a redesign of the Mozilla Mail component. The goal is to produce a cross-platform stand-alone mail application using XUL (XML User Interface Language). SeaMonkey is a free and open-source Internet suite. It is the continuation of the former Mozilla Application Suite, based on the same source code.

Description

Multiple vulnerabilities have been discovered in Mozilla Firefox, SeaMonkey, and Thunderbird. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition via multiple vectors.

Workaround

There is no known workaround at this time.

Resolution

All Firefox users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-client/firefox-45.6.0"

All Firefox-bin users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-client/firefox-bin-45.6.0"

All Thunderbird users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-45.6.0"

All Thunderbird-bin users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=mail-client/thunderbird-bin-45.6.0"

All SeaMonkey users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.38"

All SeaMonkey-bin users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.38"