Mozilla Thunderbird was updated to 38.5.0 to fix multiple security issues.
The following vulnerabilities were fixed: (boo#959277)
- CVE-2015-7201: Miscellaneous memory safety hazards
- CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after
being destroyed
- CVE-2015-7212: Integer overflow allocating extremely large textures
- CVE-2015-7205: Underflow through code inspection
- CVE-2015-7213: Integer overflow in MP4 playback in 64-bit versions
- CVE-2015-7222: Integer underflow and buffer overflow processing MP4
metadata in libstagefright
- CVE-2015-7214: Cross-site reading attack through data and view-source
URIs