RHSA-2019:1775-01 -- Redhat thunderbirdID: oval:org.secpod.oval:def:503184 | Date: (C)2019-07-17 (M)2024-05-22 |
Class: PATCH | Family: unix |
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.8.0. Security Fix: * Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 * Mozilla: Sandbox escape via installation of malicious language pack * Mozilla: Script injection within domain through inner window reuse * Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * Mozilla: Use-after-free with HTTP/2 cached stream * Mozilla: HTML parsing error can contribute to content XSS * Mozilla: Caret character improperly escaped in origins * Mozilla: Same-origin policy treats all files in a directory as having the same-origin For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 7 |