RedHat: RHSA-2018-2252:01 Important: thunderbird security update
Summary
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 52.9.1.
Security Fix(es):
* Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and
Firefox ESR 52.9 (CVE-2018-5188)
* Mozilla: Buffer overflow using computed size of canvas element
(CVE-2018-12359)
* Mozilla: Use-after-free using focus() (CVE-2018-12360)
* Mozilla: Integer overflow in SSSE3 scaler (CVE-2018-12362)
* Mozilla: Use-after-free when appending DOM nodes (CVE-2018-12363)
* Mozilla: CSRF attacks through 307 redirects and NPAPI plugins
(CVE-2018-12364)
* thunderbird: S/MIME and PGP decryption oracles can be built with HTML
emails (CVE-2018-12372)
* thunderbird: S/MIME plaintext can be leaked through HTML reply/forward
(CVE-2018-12373)
* Mozilla: Compromised IPC child process can list local filenames
(CVE-2018-12365)
* Mozilla: Invalid data handling during QCMS transformations
(CVE-2018-12366)
* thunderbird: Using form to exfiltrate encrypted mail part by pressing
enter in form field (CVE-2018-12374)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Alex Gaynor, Christoph Diehl, Christian Holler, Jason
Kratzer, David Major, Jon Coppeard, Nicolas B. Pierron, Marcia Knous,
Ronald Crane, Nils, F. Alonso (revskills), David Black, and OSS-Fuzz as the
original reporters.
Summary
Solution
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Thunderbird must be restarted for the update to
take effect.
References
https://access.redhat.com/security/cve/CVE-2018-5188 https://access.redhat.com/security/cve/CVE-2018-12359 https://access.redhat.com/security/cve/CVE-2018-12360 https://access.redhat.com/security/cve/CVE-2018-12362 https://access.redhat.com/security/cve/CVE-2018-12363 https://access.redhat.com/security/cve/CVE-2018-12364 https://access.redhat.com/security/cve/CVE-2018-12365 https://access.redhat.com/security/cve/CVE-2018-12366 https://access.redhat.com/security/cve/CVE-2018-12372 https://access.redhat.com/security/cve/CVE-2018-12373 https://access.redhat.com/security/cve/CVE-2018-12374 https://access.redhat.com/security/updates/classification/#important https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/
Package List
Red Hat Enterprise Linux Client (v. 7):
Source:
thunderbird-52.9.1-1.el7_5.src.rpm
x86_64:
thunderbird-52.9.1-1.el7_5.x86_64.rpm
thunderbird-debuginfo-52.9.1-1.el7_5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
Source:
thunderbird-52.9.1-1.el7_5.src.rpm
ppc64le:
thunderbird-52.9.1-1.el7_5.ppc64le.rpm
thunderbird-debuginfo-52.9.1-1.el7_5.ppc64le.rpm
x86_64:
thunderbird-52.9.1-1.el7_5.x86_64.rpm
thunderbird-debuginfo-52.9.1-1.el7_5.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
Source:
thunderbird-52.9.1-1.el7_5.src.rpm
aarch64:
thunderbird-52.9.1-1.el7_5.aarch64.rpm
thunderbird-debuginfo-52.9.1-1.el7_5.aarch64.rpm
ppc64le:
thunderbird-52.9.1-1.el7_5.ppc64le.rpm
thunderbird-debuginfo-52.9.1-1.el7_5.ppc64le.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
thunderbird-52.9.1-1.el7_5.src.rpm
x86_64:
thunderbird-52.9.1-1.el7_5.x86_64.rpm
thunderbird-debuginfo-52.9.1-1.el7_5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Topic
Relevant Releases Architectures
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le
Bugs Fixed
1595024 - CVE-2018-12359 Mozilla: Buffer overflow using computed size of canvas element
1595025 - CVE-2018-12360 Mozilla: Use-after-free using focus()
1595027 - CVE-2018-12362 Mozilla: Integer overflow in SSSE3 scaler
1595028 - CVE-2018-12363 Mozilla: Use-after-free when appending DOM nodes
1595029 - CVE-2018-12364 Mozilla: CSRF attacks through 307 redirects and NPAPI plugins
1595030 - CVE-2018-12365 Mozilla: Compromised IPC child process can list local filenames
1595031 - CVE-2018-12366 Mozilla: Invalid data handling during QCMS transformations
1595040 - CVE-2018-5188 Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9
1598529 - CVE-2018-12373 thunderbird: S/MIME plaintext can be leaked through HTML reply/forward
1598538 - CVE-2018-12372 thunderbird: S/MIME and PGP decryption oracles can be built with HTML emails
1598543 - CVE-2018-12374 thunderbird: Using form to exfiltrate encrypted mail part by pressing enter in form field