MGASA-2016-0115
Vulnerability Summary
Timeline
Description
Updated thunderbird packages fix security vulnerabilities Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966). Multiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause it to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802).
Affected Systems
- mageia•thunderbird
< 38.7.0-1.mga5
- mageia•thunderbird-l10n
< 38.7.0-1.mga5
References (13)
- https://advisories.mageia.org/MGASA-2016-0115.html
- https://bugs.mageia.org/show_bug.cgi?id=18006
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/
- https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/
- https://rhn.redhat.com/errata/RHSA-2016-0460.html