CESA-2023:1806 -- centos 7 thunderbirdID: oval:org.secpod.oval:def:206025 | Date: (C)2023-05-16 (M)2024-03-27 |
Class: PATCH | Family: unix |
Security Fix: Thunderbird: Revocation status of S/Mime recipient certificates was not checked Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack Mozilla: Fullscreen notification obscured Mozilla: Potential Memory Corruption following Garbage Collector compaction Mozilla: Invalid free from JavaScript code Mozilla: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 Mozilla: Memory Corruption in Safe Browsing Code Thunderbird: Hang when processing certain OpenPGP messages Mozilla: Content-Disposition filename truncation leads to Reflected File Download Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux Mozilla: Incorrect optimization result on ARM64 MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.