[Apollo] Advisories Statistics light light Login

RLSA-2024:2888

Security Mirrored from RHSA-2024:2888
Issued at: 2024-06-14
Updated at: 2024-06-14

Synopsis

Important: thunderbird security update



Description

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 115.11.0.

Security Fix(es):

* firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367)

* firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767)

* firefox: Potential permissions request bypass via clickjacking (CVE-2024-4768)

* firefox: Cross-origin responses could be distinguished between script and

non-script content-types (CVE-2024-4769)

* firefox: Use-after-free could occur when printing to PDF (CVE-2024-4770)

* firefox: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and

Thunderbird 115.11 (CVE-2024-4777)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2280382 2280383 2280384 2280385 2280386 2280387

CVEs

CVE-2024-4367 CVE-2024-4767 CVE-2024-4768 CVE-2024-4769 CVE-2024-4770 CVE-2024-4777

Affected packages

Rocky Linux 9 aarch64 - AppStream

thunderbird-0:115.11.0-1.el9_4.aarch64.rpm thunderbird-0:115.11.0-1.el9_4.src.rpm thunderbird-debuginfo-0:115.11.0-1.el9_4.aarch64.rpm thunderbird-debugsource-0:115.11.0-1.el9_4.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

thunderbird-0:115.11.0-1.el9_4.ppc64le.rpm thunderbird-0:115.11.0-1.el9_4.src.rpm thunderbird-debuginfo-0:115.11.0-1.el9_4.ppc64le.rpm thunderbird-debugsource-0:115.11.0-1.el9_4.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

thunderbird-0:115.11.0-1.el9_4.s390x.rpm thunderbird-0:115.11.0-1.el9_4.src.rpm thunderbird-debuginfo-0:115.11.0-1.el9_4.s390x.rpm thunderbird-debugsource-0:115.11.0-1.el9_4.s390x.rpm

Rocky Linux 9 x86_64 - AppStream

thunderbird-0:115.11.0-1.el9_4.src.rpm thunderbird-0:115.11.0-1.el9_4.x86_64.rpm thunderbird-debuginfo-0:115.11.0-1.el9_4.x86_64.rpm thunderbird-debugsource-0:115.11.0-1.el9_4.x86_64.rpm