CESA-2020:5618 -- centos 7 thunderbirdID: oval:org.secpod.oval:def:205719 | Date: (C)2020-12-24 (M)2024-02-19 |
Class: PATCH | Family: unix |
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.6.0. Security Fix: * chromium-browser: Uninitialized Use in V8 * Mozilla: Heap buffer overflow in WebGL * Mozilla: CSS Sanitizer performed incorrect sanitization * Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free * Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 * Mozilla: Internal network hosts could have been probed by a malicious webpage * Mozilla: The proxy.onRequest API did not catch view-source URLs For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.