SciLinux: SLSA-2019-1626-1 Important: thunderbird on SL7.x x86_64
Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape usi...
Summary
Important: thunderbird security update
Security Fixes
* Mozilla: Type confusion in Array.pop (CVE-2019-11707)
* thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in
icalrecur.c (CVE-2019-11705)
* Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708)
* thunderbird: Heap buffer over read in icalparser.c parser_get_next_char
(CVE-2019-11703)
* thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote
function in icalvalue.c (CVE-2019-11704)
* thunderbird: Type confusion in icaltimezone_get_vtimezone_properties
function in icalproperty.c (CVE-2019-11706)
SL7
x86_64
thunderbird-60.7.2-2.el7_6.x86_64.rpm
thunderbird-debuginfo-60.7.2-2.el7_6.x86_64.rpm
- Scientific Linux Development Team
Severity
Advisory ID: SLSA-2019:1626-1
Issued Date: : 2019-06-27
CVE Numbers: None
