Lucene search
RedHatRHSA-2024:1500HistoryMar 25, 2024 - 6:46 p.m.
(RHSA-2024:1500) Moderate: thunderbird security update
2024-03-2518:46:38
access.redhat.com
11
thunderbird
security update
vulnerabilities
rsa timing attack
tls method crash
memory safety bugs
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 115.9.0.
Security Fix(es):
-
nss: timing attack against RSA decryption (CVE-2023-5388)
-
Mozilla: Crash in NSS TLS method (CVE-2024-0743)
-
Mozilla: Leaking of encrypted email subjects to other conversations (CVE-2024-1936)
-
Mozilla: JIT code failed to save return registers on Armv7-A (CVE-2024-2607)
-
Mozilla: Integer overflow could have led to out of bounds write
(CVE-2024-2608) -
Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
(CVE-2024-2610) -
Mozilla: Clickjacking vulnerability could have led to a user accidentally
granting permissions (CVE-2024-2611) -
Mozilla: Self referencing object could have potentially led to a
use-after-free (CVE-2024-2612) -
Mozilla: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and
Thunderbird 115.9 (CVE-2024-2614)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | ppc64le | thunderbird | < 115.9.0-1.el8_2 | thunderbird-115.9.0-1.el8_2.ppc64le.rpm |
| RedHat | 8 | x86_64 | thunderbird-debugsource | < 115.9.0-1.el8_2 | thunderbird-debugsource-115.9.0-1.el8_2.x86_64.rpm |
| RedHat | 8 | x86_64 | thunderbird-debuginfo | < 115.9.0-1.el8_2 | thunderbird-debuginfo-115.9.0-1.el8_2.x86_64.rpm |
| RedHat | 8 | ppc64le | thunderbird-debugsource | < 115.9.0-1.el8_2 | thunderbird-debugsource-115.9.0-1.el8_2.ppc64le.rpm |
| RedHat | 8 | ppc64le | thunderbird-debuginfo | < 115.9.0-1.el8_2 | thunderbird-debuginfo-115.9.0-1.el8_2.ppc64le.rpm |
| RedHat | 8 | x86_64 | thunderbird | < 115.9.0-1.el8_2 | thunderbird-115.9.0-1.el8_2.x86_64.rpm |
Related
oraclelinux
oraclelinux
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-25 00:00:00
osv
osv
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-27 04:34:32
redhat
redhat
(RHSA-2024:1498) Moderate: thunderbird security update
2024-03-25 18:33:53
(RHSA-2024:1496) Moderate: thunderbird security update
2024-03-25 18:33:37
(RHSA-2024:1492) Moderate: thunderbird security update
2024-03-25 18:33:00
nessus
nessus
CentOS 8 : thunderbird (CESA-2024:1494)
2024-04-08 00:00:00
RHEL 7 : thunderbird (RHSA-2024:1498)
2024-04-23 00:00:00
Oracle Linux 8 : thunderbird (ELSA-2024-1494)
2024-03-27 00:00:00
almalinux
almalinux
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
Critical: firefox security update
2024-03-25 00:00:00
rocky
rocky
thunderbird security update
2024-03-27 04:34:32
firefox security update
2024-03-27 04:34:32
centos
centos
thunderbird security update
2024-04-03 14:01:39
firefox security update
2024-04-03 14:00:43
openvas
openvas
CentOS: Security Advisory for thunderbird (CESA-2024:1498)
2024-04-04 00:00:00
Debian: Security Advisory (DSA-5644-1)
2024-03-22 00:00:00
Ubuntu: Security Advisory (USN-6717-1)
2024-03-27 00:00:00
debian
debian
[SECURITY] [DLA 3769-1] thunderbird security update
2024-03-23 11:23:00
[SECURITY] [DSA 5644-1] thunderbird security update
2024-03-21 19:22:16
[SECURITY] [DSA 5643-1] firefox-esr security update
2024-03-21 19:19:35
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2024-03-27 22:40:25
Updated nss firefox, nss packages fix security vulnerabilities
2024-03-27 22:24:13
Updated thunderbird packages fix security vulnerability and make improvements
2024-03-12 03:30:17
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-03-26 00:00:00
Firefox vulnerabilities
2024-03-20 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.9 — Mozilla
2024-03-19 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.9 — Mozilla
2024-03-19 00:00:00
Security Vulnerabilities fixed in Firefox 124 — Mozilla
2024-03-19 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2024-03-20 00:28:21
[slackware-security] mozilla-firefox
2024-03-20 00:27:50
[slackware-security] mozilla-thunderbird
2024-03-05 21:23:09
kaspersky
kaspersky
KLA65226 Multiple vulnerabilities in Mozilla Thunderbird
2024-03-19 00:00:00
KLA65225 Multiple vulnerabilities in Mozilla Firefox ESR
2024-03-19 00:00:00
KLA65224 Multiple vulnerabilities in Mozilla Firefox
2024-03-19 00:00:00
amazon
amazon
Important: thunderbird
2024-03-27 21:32:00
Low: thunderbird
2024-03-13 20:26:00
prion
prion
Design/Logic Flaw
2024-03-04 22:15:00
redhatcve
redhatcve
debiancve
debiancve
cvelist
cvelist
cve
cve
alpinelinux
alpinelinux
veracode
veracode
Integer Overflow
2024-03-25 01:33:15
Sensitive Information Exposure
2024-03-10 02:43:19
Return-Oriented Programming(ROP)
2024-03-25 01:33:08
ubuntucve
ubuntucve
cgr
cgr
CVE-2024-2607 vulnerabilities
2024-05-19 03:07:16
CVE-2024-2608 vulnerabilities
2024-05-19 03:07:16
CVE-2024-2611 vulnerabilities
2024-05-19 03:07:16
cnvd
cnvd
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14978)
2024-03-21 00:00:00
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14975)
2024-03-21 00:00:00
Code execution vulnerability in multiple Mozilla products (CNVD-2024-14977)
2024-03-21 00:00:00