| 1 |
type: security |
| 2 |
subject: Updated thunderbird packages fix security vulnerability |
| 3 |
CVE: |
| 4 |
- CVE-2018-5095 |
| 5 |
- CVE-2018-5096 |
| 6 |
- CVE-2018-5097 |
| 7 |
- CVE-2018-5098 |
| 8 |
- CVE-2018-5099 |
| 9 |
- CVE-2018-5102 |
| 10 |
- CVE-2018-5103 |
| 11 |
- CVE-2018-5104 |
| 12 |
- CVE-2018-5117 |
| 13 |
- CVE-2018-5089 |
| 14 |
src: |
| 15 |
5: |
| 16 |
core: |
| 17 |
- thunderbird-52.6.0-1.mga5 |
| 18 |
- thunderbird-l10n-52.6.0-1.mga5 |
| 19 |
6: |
| 20 |
core: |
| 21 |
- thunderbird-52.6.0-1.mga6 |
| 22 |
- thunderbird-l10n-52.6.0-1.mga6 |
| 23 |
description: | |
| 24 |
Integer overflow in Skia library during edge builder allocation. |
| 25 |
(CVE-2018-5095) |
| 26 |
|
| 27 |
Use-after-free while editing form elements. (CVE-2018-5096) |
| 28 |
|
| 29 |
Use-after-free when source document is manipulated during XSLT. |
| 30 |
(CVE-2018-5097) |
| 31 |
|
| 32 |
Use-after-free while manipulating form input elements. (CVE-2018-5098) |
| 33 |
|
| 34 |
Use-after-free with widget listener. (CVE-2018-5099) |
| 35 |
|
| 36 |
Use-after-free in HTML media elements. (CVE-2018-5102) |
| 37 |
|
| 38 |
Use-after-free during mouse event handling. (CVE-2018-5103) |
| 39 |
|
| 40 |
Use-after-free during font face manipulation. (CVE-2018-5104) |
| 41 |
|
| 42 |
URL spoofing with right-to-left text aligned left-to-right. |
| 43 |
(CVE-2018-5117) |
| 44 |
|
| 45 |
Memory safety bugs fixed in Firefox 58, Firefox ESR 52.6, and Thunderbird |
| 46 |
52.6. (CVE-2018-5089) |
| 47 |
references: |
| 48 |
- https://bugs.mageia.org/show_bug.cgi?id=22470 |
| 49 |
- https://www.mozilla.org/en-US/thunderbird/52.6.0/releasenotes/ |
| 50 |
- https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/ |
| 51 |
ID: MGASA-2018-0115 |
Parent Directory
| 
Revision Log