Oval Definition:oval:com.redhat.rhsa:def:20172885
Revision Date:2017-10-11Version:635
Title:RHSA-2017:2885: thunderbird security update (Important)
Description:Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 52.4.0.

Security Fix(es):

  • Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7810, CVE-2017-7793, CVE-2017-7818, CVE-2017-7819, CVE-2017-7824, CVE-2017-7814, CVE-2017-7823)

    Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Jan de Mooij, Jason Kratzer, Randell Jesup, Tom Ritter, Tyson Smith, Sebastian Hengst, Abhishek Arya, Nils, Omair, Andre Weissflog, François Marier, and Jun Kokatsu as the original reporters.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2017-7793
    CVE-2017-7810
    CVE-2017-7814
    CVE-2017-7818
    CVE-2017-7819
    CVE-2017-7823
    CVE-2017-7824
    RHSA-2017:2885
    RHSA-2017:2885-00
    RHSA-2017:2885-01
    Platform(s):Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND thunderbird is earlier than 0:52.4.0-2.el6_9
  • AND thunderbird is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND thunderbird is earlier than 0:52.4.0-2.el7_4
  • AND thunderbird is signed with Red Hat redhatrelease2 key
    • BACK