RHSA-2024:0001 -- Redhat thunderbirdID: oval:org.secpod.oval:def:508207 | Date: (C)2024-01-16 (M)2024-02-08 |
Class: PATCH | Family: unix |
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fix: Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 Mozilla: S/MIME signature accepted despite mismatching message date Mozilla: Truncated signed text was shown with a valid OpenPGP signature Mozilla: Symlinks may resolve to smaller than expected buffers Mozilla: Heap buffer overflow in nsTextFragment Mozilla: Use-after-free in PR_GetIdentitiesLayer Mozilla: Potential sandbox escape due to VideoBridge lack of texture validation Mozilla: Heap buffer overflow affected nsWindow::PickerOpen in headless mode Mozilla: Use-after-free in nsDNSService Mozilla: Undefined behavior in ShutdownObserver For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Platform: |
Red Hat Enterprise Linux 9 |