| |||||||||||||||||||
Mageia alert MGASA-2012-0289 (thunderbird)
MGASA-2012-0289 Date: October 11th, 2012 Affected releases: 1, 2 Description: Updated mozilla thunderbird packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188). Two flaws in Thunderbird could allow a malicious website to bypass intended restrictions, possibly leading to information disclosure, or Thunderbird executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution (CVE-2012-3986, CVE-2012-3991). Multiple flaws were found in the location object implementation in Thunderbird. Malicious content could be used to perform cross-site scripting attacks, script injection, or spoofing attacks (CVE-2012-1956, CVE-2012-3992, CVE-2012-3994). Two flaws were found in the way Chrome Object Wrappers were implemented. Malicious content could be used to perform cross-site scripting attacks or cause Thunderbird to execute arbitrary code (CVE-2012-3993, CVE-2012-4184). Updated Packages: Mageia 1: mozilla-thunderbird-10.0.8-1.mga1 mozilla-thunderbird-enigmail-10.0.8-1.mga1 mozilla-thunderbird-enigmail-ar-10.0.8-1.mga1 mozilla-thunderbird-enigmail-ca-10.0.8-1.mga1 mozilla-thunderbird-enigmail-cs-10.0.8-1.mga1 mozilla-thunderbird-enigmail-de-10.0.8-1.mga1 mozilla-thunderbird-enigmail-el-10.0.8-1.mga1 mozilla-thunderbird-enigmail-es-10.0.8-1.mga1 mozilla-thunderbird-enigmail-fi-10.0.8-1.mga1 mozilla-thunderbird-enigmail-fr-10.0.8-1.mga1 mozilla-thunderbird-enigmail-it-10.0.8-1.mga1 mozilla-thunderbird-enigmail-ja-10.0.8-1.mga1 mozilla-thunderbird-enigmail-ko-10.0.8-1.mga1 mozilla-thunderbird-enigmail-nb-10.0.8-1.mga1 mozilla-thunderbird-enigmail-nl-10.0.8-1.mga1 mozilla-thunderbird-enigmail-pl-10.0.8-1.mga1 mozilla-thunderbird-enigmail-pt-10.0.8-1.mga1 mozilla-thunderbird-enigmail-pt_BR-10.0.8-1.mga1 mozilla-thunderbird-enigmail-ru-10.0.8-1.mga1 mozilla-thunderbird-enigmail-sl-10.0.8-1.mga1 mozilla-thunderbird-enigmail-sv-10.0.8-1.mga1 mozilla-thunderbird-enigmail-tr-10.0.8-1.mga1 mozilla-thunderbird-enigmail-vi-10.0.8-1.mga1 mozilla-thunderbird-enigmail-zh_CN-10.0.8-1.mga1 mozilla-thunderbird-enigmail-zh_TW-10.0.8-1.mga1 mozilla-thunderbird-ar-10.0.8-1.mga1 mozilla-thunderbird-be-10.0.8-1.mga1 mozilla-thunderbird-bg-10.0.8-1.mga1 mozilla-thunderbird-bn_BD-10.0.8-1.mga1 mozilla-thunderbird-br-10.0.8-1.mga1 mozilla-thunderbird-ca-10.0.8-1.mga1 mozilla-thunderbird-cs-10.0.8-1.mga1 mozilla-thunderbird-da-10.0.8-1.mga1 mozilla-thunderbird-de-10.0.8-1.mga1 mozilla-thunderbird-el-10.0.8-1.mga1 mozilla-thunderbird-en_GB-10.0.8-1.mga1 mozilla-thunderbird-es_AR-10.0.8-1.mga1 mozilla-thunderbird-es_ES-10.0.8-1.mga1 mozilla-thunderbird-et-10.0.8-1.mga1 mozilla-thunderbird-eu-10.0.8-1.mga1 mozilla-thunderbird-fi-10.0.8-1.mga1 mozilla-thunderbird-fr-10.0.8-1.mga1 mozilla-thunderbird-fy-10.0.8-1.mga1 mozilla-thunderbird-ga-10.0.8-1.mga1 mozilla-thunderbird-gd-10.0.8-1.mga1 mozilla-thunderbird-gl-10.0.8-1.mga1 mozilla-thunderbird-he-10.0.8-1.mga1 mozilla-thunderbird-hu-10.0.8-1.mga1 mozilla-thunderbird-id-10.0.8-1.mga1 mozilla-thunderbird-is-10.0.8-1.mga1 mozilla-thunderbird-it-10.0.8-1.mga1 mozilla-thunderbird-ja-10.0.8-1.mga1 mozilla-thunderbird-ko-10.0.8-1.mga1 mozilla-thunderbird-lt-10.0.8-1.mga1 mozilla-thunderbird-nb_NO-10.0.8-1.mga1 mozilla-thunderbird-nl-10.0.8-1.mga1 mozilla-thunderbird-nn_NO-10.0.8-1.mga1 mozilla-thunderbird-pl-10.0.8-1.mga1 mozilla-thunderbird-pt_BR-10.0.8-1.mga1 mozilla-thunderbird-pt_PT-10.0.8-1.mga1 mozilla-thunderbird-ro-10.0.8-1.mga1 mozilla-thunderbird-ru-10.0.8-1.mga1 mozilla-thunderbird-si-10.0.8-1.mga1 mozilla-thunderbird-sk-10.0.8-1.mga1 mozilla-thunderbird-sl-10.0.8-1.mga1 mozilla-thunderbird-sq-10.0.8-1.mga1 mozilla-thunderbird-sv_SE-10.0.8-1.mga1 mozilla-thunderbird-ta_LK-10.0.8-1.mga1 mozilla-thunderbird-tr-10.0.8-1.mga1 mozilla-thunderbird-uk-10.0.8-1.mga1 mozilla-thunderbird-vi-10.0.8-1.mga1 mozilla-thunderbird-zh_CN-10.0.8-1.mga1 mozilla-thunderbird-zh_TW-10.0.8-1.mga1 nsinstall-10.0.8-1.mga1 Mageia 2: thunderbird-10.0.8-1.mga2 thunderbird-enigmail-10.0.8-1.mga2 thunderbird-ar-10.0.8-1.mga2 thunderbird-ast-10.0.8-1.mga2 thunderbird-be-10.0.8-1.mga2 thunderbird-bg-10.0.8-1.mga2 thunderbird-bn_BD-10.0.8-1.mga2 thunderbird-br-10.0.8-1.mga2 thunderbird-ca-10.0.8-1.mga2 thunderbird-cs-10.0.8-1.mga2 thunderbird-da-10.0.8-1.mga2 thunderbird-de-10.0.8-1.mga2 thunderbird-el-10.0.8-1.mga2 thunderbird-en_GB-10.0.8-1.mga2 thunderbird-es_AR-10.0.8-1.mga2 thunderbird-es_ES-10.0.8-1.mga2 thunderbird-et-10.0.8-1.mga2 thunderbird-eu-10.0.8-1.mga2 thunderbird-fi-10.0.8-1.mga2 thunderbird-fr-10.0.8-1.mga2 thunderbird-fy-10.0.8-1.mga2 thunderbird-ga-10.0.8-1.mga2 thunderbird-gd-10.0.8-1.mga2 thunderbird-gl-10.0.8-1.mga2 thunderbird-he-10.0.8-1.mga2 thunderbird-hu-10.0.8-1.mga2 thunderbird-id-10.0.8-1.mga2 thunderbird-is-10.0.8-1.mga2 thunderbird-it-10.0.8-1.mga2 thunderbird-ja-10.0.8-1.mga2 thunderbird-ko-10.0.8-1.mga2 thunderbird-lt-10.0.8-1.mga2 thunderbird-nb_NO-10.0.8-1.mga2 thunderbird-nl-10.0.8-1.mga2 thunderbird-nn_NO-10.0.8-1.mga2 thunderbird-pl-10.0.8-1.mga2 thunderbird-pa_IN-10.0.8-1.mga2 thunderbird-pt_BR-10.0.8-1.mga2 thunderbird-pt_PT-10.0.8-1.mga2 thunderbird-ro-10.0.8-1.mga2 thunderbird-ru-10.0.8-1.mga2 thunderbird-si-10.0.8-1.mga2 thunderbird-sk-10.0.8-1.mga2 thunderbird-sl-10.0.8-1.mga2 thunderbird-sq-10.0.8-1.mga2 thunderbird-sv_SE-10.0.8-1.mga2 thunderbird-ta_LK-10.0.8-1.mga2 thunderbird-tr-10.0.8-1.mga2 thunderbird-uk-10.0.8-1.mga2 thunderbird-vi-10.0.8-1.mga2 thunderbird-zh_CN-10.0.8-1.mga2 thunderbird-zh_TW-10.0.8-1.mga2 nsinstall-10.0.8-1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1956 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3982 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3986 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3988 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3990 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3991 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3992 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3993 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3994 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4184 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4188 http://www.mozilla.org/security/announce/2012/mfsa2012-59... http://www.mozilla.org/security/announce/2012/mfsa2012-74... http://www.mozilla.org/security/announce/2012/mfsa2012-77... http://www.mozilla.org/security/announce/2012/mfsa2012-79... http://www.mozilla.org/security/announce/2012/mfsa2012-81... http://www.mozilla.org/security/announce/2012/mfsa2012-82... http://www.mozilla.org/security/announce/2012/mfsa2012-83... http://www.mozilla.org/security/announce/2012/mfsa2012-84... http://www.mozilla.org/security/announce/2012/mfsa2012-85... http://www.mozilla.org/security/announce/2012/mfsa2012-86... http://www.mozilla.org/security/announce/2012/mfsa2012-87... https://rhn.redhat.com/errata/RHSA-2012-1351.html https://bugs.mageia.org/show_bug.cgi?id=7753 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-... (Log in to post comments)
|
|||||||||||||||||||