RHSA-2023:4497-01 -- Redhat thunderbirdID: oval:org.secpod.oval:def:507889 | Date: (C)2023-08-10 (M)2024-02-19 |
Class: PATCH | Family: unix |
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fix: * Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions * Mozilla: Incorrect value used during WASM compilation * Mozilla: Potential permissions request bypass via clickjacking * Mozilla: Crash in DOMParser due to out-of-memory conditions * Mozilla: Fix potential race conditions when releasing platform objects * Mozilla: Stack buffer overflow in StorageManager * Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 * Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1 * thunderbird: File Extension Spoofing using the Text Direction Override Character * Mozilla: Cookie jar overflow caused unexpected cookie jar state For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 8 |