Synopsis: Important: thunderbird security update
Advisory ID: SLSA-2019:0270-1
Issue Date: 2019-02-04
CVE Numbers: CVE-2018-18500
CVE-2018-18501
CVE-2018-18505
CVE-2016-5824
—
This update upgrades Thunderbird to version 60.5.0.
Security Fix(es):
* Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500)
* Mozilla: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5
(CVE-2018-18501)
* Mozilla: Privilege escalation through IPC channel messages
(CVE-2018-18505)
* libical: Multiple use-after-free vulnerabilities (CVE-2016-5824)
—
SL7
x86_64
thunderbird-60.5.0-1.el7_6.x86_64.rpm
thunderbird-debuginfo-60.5.0-1.el7_6.x86_64.rpm
– Scientific Linux Development Team
