Oval Definition:oval:com.redhat.rhsa:def:20173372
Revision Date:2017-12-04Version:635
Title:RHSA-2017:3372: thunderbird security update (Important)
Description:Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 52.5.0.

Security Fix(es):

  • Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7826, CVE-2017-7828, CVE-2017-7830)

    Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, David Keeler, Jon Coppeard, Julien Cristau, Jan de Mooij, Jason Kratzer, Philipp, Nicholas Nethercote, Oriol Brufau, André Bargull, Bob Clary, Jet Villegas, Randell Jesup, Tyson Smith, Gary Kwong, Ryan VanderMeulen, Nils, and Jun Kokatsu as the original reporters.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2017-7826
    CVE-2017-7828
    CVE-2017-7830
    RHSA-2017:3372
    RHSA-2017:3372-00
    RHSA-2017:3372-01
    Platform(s):Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND thunderbird is earlier than 0:52.5.0-1.el6_9
  • AND thunderbird is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND thunderbird is earlier than 0:52.5.0-1.el7_4
  • AND thunderbird is signed with Red Hat redhatrelease2 key
  • BACK