CESA-2020:0574 -- centos 6 thunderbirdID: oval:org.secpod.oval:def:205449 | Date: (C)2020-03-06 (M)2023-12-20 |
Class: PATCH | Family: unix |
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.5.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 * Mozilla: Out-of-bounds read when processing certain email messages * Mozilla: Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords * Mozilla: Crash processing S/MIME messages with multiple signatures * Mozilla: Incorrect parsing of template tag could result in JavaScript injection * Mozilla: Message ID calculation was based on uninitialized data For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.