RedHat: RHSA-2012-0080:01 Critical: thunderbird security update
Summary
Mozilla Thunderbird is a standalone mail and newsgroup client.
A use-after-free flaw was found in the way Thunderbird removed
nsDOMAttribute child nodes. In certain circumstances, due to the premature
notification of AttributeChildRemoved, malicious script could possibly
use this flaw to cause Thunderbird to crash or, potentially, execute
arbitrary code with the privileges of the user running Thunderbird.
(CVE-2011-3659)
Several flaws were found in the processing of malformed content. An HTML
mail message containing malicious content could cause Thunderbird to crash
or, potentially, execute arbitrary code with the privileges of the user
running Thunderbird. (CVE-2012-0442)
A flaw was found in the way Thunderbird parsed certain Scalable Vector
Graphics (SVG) image files that contained eXtensible Style Sheet Language
Transformations (XSLT). An HTML mail message containing a malicious SVG
image file could cause Thunderbird to crash or, potentially, execute
arbitrary code with the privileges of the user running Thunderbird.
(CVE-2012-0449)
The same-origin policy in Thunderbird treated and
as interchangeable. A malicious script could possibly
use this flaw to gain access to sensitive information (such as the client's
IP and user e-mail address, or httpOnly cookies) that may be included in
HTTP proxy error replies, generated in response to invalid URLs using
square brackets. (CVE-2011-3670)
Note: The CVE-2011-3659 and CVE-2011-3670 issues cannot be exploited by a
specially-crafted HTML mail message as JavaScript is disabled by default
for mail messages. It could be exploited another way in Thunderbird, for
example, when viewing the full remote content of an RSS feed.
For technical details regarding these flaws, refer to the Mozilla security
advisories for Thunderbird 3.1.18. You can find a link to the Mozilla
advisories in the References section of this erratum.
All Thunderbird users should upgrade to these updated packages, which
contain Thunderbird version 3.1.18, which corrects these issues. After
installing the update, Thunderbird must be restarted for the changes to
take effect.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
References
https://www.redhat.com/security/data/cve/CVE-2011-3659.html
https://www.redhat.com/security/data/cve/CVE-2011-3670.html
https://www.redhat.com/security/data/cve/CVE-2012-0442.html
https://www.redhat.com/security/data/cve/CVE-2012-0449.html
https://access.redhat.com/security/updates/classification/#critical
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird-3.1/
Topic
An updated thunderbird package that fixes multiple security issues is now
available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Relevant Releases/Architectures
Red Hat Enterprise Linux Desktop (v6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v6) - i386, x86_64
Bugs Fixed
785085 - CVE-2012-0442 Mozilla: memory safety hazards in 10.0/1.9.2.26 (MFSA 2012-01)
785464 - CVE-2011-3670 Mozilla: Same-origin bypass using IPv6-like hostname syntax (MFSA 2012-02)
785966 - CVE-2012-0449 Mozilla: Crash when rendering SVG+XSLT (MFSA 2012-08)
786258 - CVE-2011-3659 Mozilla: child nodes from nsDOMAttribute still accessible after removal of nodes (MFSA 2012-04)
Package List:
Red Hat Enterprise Linux Desktop (v6):
Source:
i386:
thunderbird-3.1.18-1.el6_2.i686.rpm
thunderbird-debuginfo-3.1.18-1.el6_2.i686.rpm
x86_64:
thunderbird-3.1.18-1.el6_2.x86_64.rpm
thunderbird-debuginfo-3.1.18-1.el6_2.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v6):
Source:
i386:
thunderbird-3.1.18-1.el6_2.i686.rpm
thunderbird-debuginfo-3.1.18-1.el6_2.i686.rpm
ppc64:
thunderbird-3.1.18-1.el6_2.ppc64.rpm
thunderbird-debuginfo-3.1.18-1.el6_2.ppc64.rpm
s390x:
thunderbird-3.1.18-1.el6_2.s390x.rpm
thunderbird-debuginfo-3.1.18-1.el6_2.s390x.rpm
x86_64:
thunderbird-3.1.18-1.el6_2.x86_64.rpm
thunderbird-debuginfo-3.1.18-1.el6_2.x86_64.rpm
Red Hat Enterprise Linux Workstation (v6):
Source:
i386:
thunderbird-3.1.18-1.el6_2.i686.rpm
thunderbird-debuginfo-3.1.18-1.el6_2.i686.rpm
x86_64:
thunderbird-3.1.18-1.el6_2.x86_64.rpm
thunderbird-debuginfo-3.1.18-1.el6_2.x86_64.rpm
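As an added check that is not part of this erratum, the following Python compares an installed thunderbird package (a constructed sample NVR or one of the file names listed above) against the fixed build 3.1.18-1.el6_2 using RPM's segment-wise version ordering, so an administrator can confirm a host is at or past the fix; it assumes an epoch of 0 on both sides, which is the case for these packages.

```python
import re

# Fixed build taken from the package list in this erratum.
FIXED_VERSION = "3.1.18"
FIXED_RELEASE = "1.el6_2"

_SEGMENT = re.compile(r"(\d+|[a-zA-Z]+)")
_ARCH_SUFFIX = re.compile(r"\.(i686|x86_64|ppc64|s390x|noarch|src)\.rpm$")


def rpmvercmp(a, b):
    """Compare two RPM version or release strings like rpm's rpmvercmp.

    Each string is split into maximal numeric and alphabetic segments.
    Numeric segments compare as integers (so 18 > 9), alphabetic ones
    lexically, and a numeric segment is newer than an alphabetic one.
    If all shared segments match, the string with more segments is newer.
    Returns -1, 0 or 1. (Epoch and '~' handling are not needed here.)
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return -1 if x < y else 1
    if len(sa) == len(sb):
        return 0
    return -1 if len(sa) < len(sb) else 1


def parse_nvr(pkg):
    """Split 'name-version-release' into parts; accepts a full .rpm file name."""
    nvr = _ARCH_SUFFIX.sub("", pkg)
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release


def is_patched(installed_pkg):
    """True when the installed thunderbird is at or above 3.1.18-1.el6_2."""
    name, version, release = parse_nvr(installed_pkg)
    if name != "thunderbird":
        raise ValueError("not a thunderbird package: " + installed_pkg)
    c = rpmvercmp(version, FIXED_VERSION)
    if c == 0:
        c = rpmvercmp(release, FIXED_RELEASE)
    return c >= 0


if __name__ == "__main__":
    # Constructed sample: output of `rpm -q thunderbird` on an unpatched host.
    print(is_patched("thunderbird-3.1.16-1.el6_1"))  # False
```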
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package