Bug 22903

Summary: Thunderbird 52.7
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: jim, marja11, mhrambo3501, sysadmin-bugs
Version: 5Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5-64-OK
Source RPM: thunderbird CVE:
Status comment:
Bug Depends on: 22823    
Bug Blocks:    

Description David Walser 2018-04-14 02:18:28 CEST 
+++ This bug was initially created as a clone of Bug #22823 +++

Mozilla has released Thunderbird 52.7 on March 23:
https://www.mozilla.org/en-US/thunderbird/52.7.0/releasenotes/

The issues fixed are listed here:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/

RedHat has issued an advisory for this on April 5:
https://access.redhat.com/errata/RHSA-2018:0648
Comment 1 Marja Van Waes 2018-04-14 07:04:40 CEST 
Assigning to the registered maintainer, CC'ing Mike

CC: (none) => marja11, mrambo
Assignee: bugsquad => doktor5000

Comment 2 Mike Rambo 2018-04-17 15:30:22 CEST 
Updated package uploaded for Mageia 5.

Advisory:
========================

Updated thunderbird package fixes bugs and security vulnerabilities:

* A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash (CVE-2018-5127).
* A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process (CVE-2018-5129).
* An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter (CVE-2018-5144).
*An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest (CVE-2018-5146).
* Mozilla developers and community members reported memory safety bugs present in Firefox 58, Firefox ESR 52.6, and Thunderbird 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code (CVE-2018-5125).
* Mozilla developers reported memory safety bugs present in Firefox ESR 52.6 and Thunderbird 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code (CVE-2018-5145).

References:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-09/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
========================

Updated packages in core/updates_testing:
========================
thunderbird-52.7.0-1.mga5
thunderbird-enigmail-52.7.0-1.mga5

from thunderbird-52.7.0-1.mga5.src.rpm

thunderbird-ar-52.7.0-1.mga5.noarch.rpm
thunderbird-ast-52.7.0-1.mga5.noarch.rpm
thunderbird-be-52.7.0-1.mga5.noarch.rpm
thunderbird-bg-52.7.0-1.mga5.noarch.rpm
thunderbird-bn_BD-52.7.0-1.mga5.noarch.rpm
thunderbird-br-52.7.0-1.mga5.noarch.rpm
thunderbird-ca-52.7.0-1.mga5.noarch.rpm
thunderbird-cs-52.7.0-1.mga5.noarch.rpm
thunderbird-cy-52.7.0-1.mga5.noarch.rpm
thunderbird-da-52.7.0-1.mga5.noarch.rpm
thunderbird-de-52.7.0-1.mga5.noarch.rpm
thunderbird-el-52.7.0-1.mga5.noarch.rpm
thunderbird-en_GB-52.7.0-1.mga5.noarch.rpm
thunderbird-en_US-52.7.0-1.mga5.noarch.rpm
thunderbird-es_AR-52.7.0-1.mga5.noarch.rpm
thunderbird-es_ES-52.7.0-1.mga5.noarch.rpm
thunderbird-et-52.7.0-1.mga5.noarch.rpm
thunderbird-eu-52.7.0-1.mga5.noarch.rpm
thunderbird-fi-52.7.0-1.mga5.noarch.rpm
thunderbird-fr-52.7.0-1.mga5.noarch.rpm
thunderbird-fy_NL-52.7.0-1.mga5.noarch.rpm
thunderbird-ga_IE-52.7.0-1.mga5.noarch.rpm
thunderbird-gd-52.7.0-1.mga5.noarch.rpm
thunderbird-gl-52.7.0-1.mga5.noarch.rpm
thunderbird-he-52.7.0-1.mga5.noarch.rpm
thunderbird-hr-52.7.0-1.mga5.noarch.rpm
thunderbird-hsb-52.7.0-1.mga5.noarch.rpm
thunderbird-hu-52.7.0-1.mga5.noarch.rpm
thunderbird-hy_AM-52.7.0-1.mga5.noarch.rpm
thunderbird-id-52.7.0-1.mga5.noarch.rpm
thunderbird-is-52.7.0-1.mga5.noarch.rpm
thunderbird-it-52.7.0-1.mga5.noarch.rpm
thunderbird-ja-52.7.0-1.mga5.noarch.rpm
thunderbird-ko-52.7.0-1.mga5.noarch.rpm
thunderbird-lt-52.7.0-1.mga5.noarch.rpm
thunderbird-nb_NO-52.7.0-1.mga5.noarch.rpm
thunderbird-nl-52.7.0-1.mga5.noarch.rpm
thunderbird-nn_NO-52.7.0-1.mga5.noarch.rpm
thunderbird-pa_IN-52.7.0-1.mga5.noarch.rpm
thunderbird-pl-52.7.0-1.mga5.noarch.rpm
thunderbird-pt_BR-52.7.0-1.mga5.noarch.rpm
thunderbird-pt_PT-52.7.0-1.mga5.noarch.rpm
thunderbird-ro-52.7.0-1.mga5.noarch.rpm
thunderbird-ru-52.7.0-1.mga5.noarch.rpm
thunderbird-si-52.7.0-1.mga5.noarch.rpm
thunderbird-sk-52.7.0-1.mga5.noarch.rpm
thunderbird-sl-52.7.0-1.mga5.noarch.rpm
thunderbird-sq-52.7.0-1.mga5.noarch.rpm
thunderbird-sv_SE-52.7.0-1.mga5.noarch.rpm
thunderbird-ta_LK-52.7.0-1.mga5.noarch.rpm
thunderbird-tr-52.7.0-1.mga5.noarch.rpm
thunderbird-uk-52.7.0-1.mga5.noarch.rpm
thunderbird-vi-52.7.0-1.mga5.noarch.rpm
thunderbird-zh_CN-52.7.0-1.mga5.noarch.rpm
thunderbird-zh_TW-52.7.0-1.mga5.noarch.rpm

from thunderbird-l10n-52.7.0-1.mga5.src.rpm

Assignee: doktor5000 => qa-bugs

Comment 3 James Kerr 2018-04-18 11:42:00 CEST 
on mga5-64

packages installed cleanly:
- thunderbird-52.7.0-1.mga5.x86_64
- thunderbird-en_GB-52.7.0-1.mga5.noarch

email POP/SMTP - OK
calendar - OK
movemail - OK 

OK for mga5-64

CC: (none) => jim
Whiteboard: (none) => MGA5-64-OK

Lewis Smith 2018-04-20 08:43:07 CEST

Keywords: (none) => advisory, validated_update
CC: (none) => sysadmin-bugs

Comment 4 Mageia Robot 2018-04-20 19:25:01 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0207.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED