Oval Definition:oval:com.redhat.rhsa:def:20170238
Revision Date:2017-02-02Version:637
Title:RHSA-2017:0238: thunderbird security update (Important)
Description:Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 45.7.0.

Security Fix(es):

  • Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5390, CVE-2017-5396)

    Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Jann Horn, Filipe Gomes, Nils, Armin Razmjou, Christian Holler, Gary Kwong, Andre Bargull, Jan de Mooij, Tom Schuster, Oriol, Rh0, Nicolas Gregoire, and Jerri Rice as the original reporters.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2017-5373
    CVE-2017-5375
    CVE-2017-5376
    CVE-2017-5378
    CVE-2017-5380
    CVE-2017-5383
    CVE-2017-5390
    CVE-2017-5396
    RHSA-2017:0238
    RHSA-2017:0238-00
    RHSA-2017:0238-01
    RHSA-2017:0238-01
    Platform(s):Red Hat Enterprise Linux 5
    Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND thunderbird is earlier than 0:45.7.0-1.el5_11
  • AND thunderbird is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND thunderbird is earlier than 0:45.7.0-1.el6_8
  • AND thunderbird is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND thunderbird is earlier than 0:45.7.0-1.el7_3
  • AND thunderbird is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 5 is installed
  • AND thunderbird is earlier than 0:45.7.0-1.el5_11
  • AND thunderbird is signed with Red Hat redhatrelease key
  • OR Package Information
  • thunderbird is earlier than 0:45.7.0-1.el6_8
  • AND thunderbird is signed with Red Hat redhatrelease2 key
  • AND
  • Red Hat Enterprise Linux 6 Client is installed
  • OR Red Hat Enterprise Linux 6 Server is installed
  • OR Red Hat Enterprise Linux 6 Workstation is installed
  • OR Red Hat Enterprise Linux 6 ComputeNode is installed
  • OR Package Information
  • thunderbird is earlier than 0:45.7.0-1.el7_3
  • AND thunderbird is signed with Red Hat redhatrelease2 key
  • AND
  • Red Hat Enterprise Linux 7 Client is installed
  • OR Red Hat Enterprise Linux 7 Server is installed
  • OR Red Hat Enterprise Linux 7 Workstation is installed
  • OR Red Hat Enterprise Linux 7 ComputeNode is installed
    • BACK