Debian Bug report logs -
#898631
thunderbird: still efail attack issue possible against S/MIME and PGP/MIME in some circumstances
Package:
src:thunderbird;
Maintainer for src:thunderbird is Carsten Schoenert <cschoenert@t-onlinede>;
Reported by: Yves-Alexis Perez <corsac@debianorg>
Date: Mon, 14 May 2018 13:18:05 U ...
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis
Critical: firefox security update
Type/Severity
Security Advisory: Critical
Topic
An update for firefox is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Synopsis
Critical: firefox security update
Type/Severity
Security Advisory: Critical
Topic
An update for firefox is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) base score, wh ...
Several security issues were fixed in Spidermonkey ...
Several security issues were fixed in Thunderbird ...
USN-3645-1 caused a regression in Firefox ...
Firefox could be made to crash or run programs as your login if it
opened a malicious website ...
The following CVEs are fixed in the updated thunderbird package:
CVE-2018-5161: Hang via malformed headersCVE-2018-5162: Encrypted mail leaks plaintext through src attributeCVE-2018-5183: Backport critical security fixes in SkiaCVE-2018-5155: Use-after-free with SVG animations and text pathsCVE-2018-5170: Filename spoofing for external attachmentsC ...
Memory safety bugs were reported in Firefox 59, Firefox ESR 527, and Thunderbird 527 Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code This vulnerability affects Thunderbird < 528, Thunderbird ESR < 528, Firefox < 60, and Firefox ...
Several memory safety bugs have been found in Firefox before 600 and Thunderbird before 528 Some of these bugs showed evidence of memory corruption and Mozilla presumes that with enough effort some of these could be exploited to run arbitrary code ...
Mozilla Foundation Security Advisory 2018-13
Security vulnerabilities fixed in Thunderbird 528
Announced
May 18, 2018
Impact
critical
Products
Thunderbird
Fixed in
Thunderbird 528
...
Mozilla Foundation Security Advisory 2018-11
Security vulnerabilities fixed in Firefox 60
Announced
May 9, 2018
Impact
critical
Products
Firefox
Fixed in
Firefox 60
...
Mozilla Foundation Security Advisory 2018-12
Security vulnerabilities fixed in Firefox ESR 528
Announced
May 9, 2018
Impact
critical
Products
Firefox ESR
Fixed in
Firefox ESR 528
...