| Summary: | Thunderbird 115.8 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | andrewsfarm, fri, guillaume.royer, joselp, marja11, sysadmin-bugs |
| Version: | 9 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://www.thunderbird.net/en-US/thunderbird/115.8.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/ | ||
| Whiteboard: | MGA9-64-OK | ||
| Source RPM: | thunderbird, thunderbird-l10n | CVE: | CVE-2024-1546, CVE-2024-1547, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553 |
| Status comment: | |||
| Bug Depends on: | 32876 | ||
| Bug Blocks: | |||
|
Description
Nicolas Salguero
2024-02-21 08:46:10 CET
Nicolas Salguero
2024-02-21 08:47:20 CET
Depends on:
(none) =>
32876
Nicolas Salguero
2024-02-21 08:47:28 CET
Status:
NEW =>
ASSIGNED Suggested advisory: ======================== The updated packages fix security vulnerabilities: Out-of-bounds memory read in networking channels. (CVE-2024-1546) Alert dialog could have been spoofed on another site. (CVE-2024-1547) Fullscreen Notification could have been hidden by select element. (CVE-2024-1548) Custom cursor could obscure the permission dialog. (CVE-2024-1549) Mouse cursor re-positioned unexpectedly could have led to unintended permission grants. (CVE-2024-1550) Multipart HTTP Responses would accept the Set-Cookie header in response parts. (CVE-2024-1551) Incorrect code generation on 32-bit ARM devices. (CVE-2024-1552) Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. (CVE-2024-1553) References: https://www.thunderbird.net/en-US/thunderbird/115.8.0/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/ ======================== Updated packages in core/updates_testing: ======================== thunderbird-115.8.0-1.mga9 thunderbird-af-115.8.0-1.mga9 thunderbird-ar-115.8.0-1.mga9 thunderbird-ast-115.8.0-1.mga9 thunderbird-be-115.8.0-1.mga9 thunderbird-bg-115.8.0-1.mga9 thunderbird-br-115.8.0-1.mga9 thunderbird-ca-115.8.0-1.mga9 thunderbird-cs-115.8.0-1.mga9 thunderbird-cy-115.8.0-1.mga9 thunderbird-da-115.8.0-1.mga9 thunderbird-de-115.8.0-1.mga9 thunderbird-dsb-115.8.0-1.mga9 thunderbird-el-115.8.0-1.mga9 thunderbird-en_CA-115.8.0-1.mga9 thunderbird-en_GB-115.8.0-1.mga9 thunderbird-en_US-115.8.0-1.mga9 thunderbird-es_AR-115.8.0-1.mga9 thunderbird-es_ES-115.8.0-1.mga9 thunderbird-es_MX-115.8.0-1.mga9 thunderbird-et-115.8.0-1.mga9 thunderbird-eu-115.8.0-1.mga9 thunderbird-fi-115.8.0-1.mga9 thunderbird-fr-115.8.0-1.mga9 thunderbird-fy_NL-115.8.0-1.mga9 thunderbird-ga_IE-115.8.0-1.mga9 thunderbird-gd-115.8.0-1.mga9 thunderbird-gl-115.8.0-1.mga9 thunderbird-he-115.8.0-1.mga9 thunderbird-hr-115.8.0-1.mga9 thunderbird-hsb-115.8.0-1.mga9 thunderbird-hu-115.8.0-1.mga9 thunderbird-hy_AM-115.8.0-1.mga9 thunderbird-id-115.8.0-1.mga9 thunderbird-is-115.8.0-1.mga9 thunderbird-it-115.8.0-1.mga9 thunderbird-ja-115.8.0-1.mga9 thunderbird-ka-115.8.0-1.mga9 thunderbird-kab-115.8.0-1.mga9 thunderbird-kk-115.8.0-1.mga9 thunderbird-ko-115.8.0-1.mga9 thunderbird-lt-115.8.0-1.mga9 thunderbird-lv-115.8.0-1.mga9 thunderbird-ms-115.8.0-1.mga9 thunderbird-nb_NO-115.8.0-1.mga9 thunderbird-nl-115.8.0-1.mga9 thunderbird-nn_NO-115.8.0-1.mga9 thunderbird-pa_IN-115.8.0-1.mga9 thunderbird-pl-115.8.0-1.mga9 thunderbird-pt_BR-115.8.0-1.mga9 thunderbird-pt_PT-115.8.0-1.mga9 thunderbird-ro-115.8.0-1.mga9 thunderbird-ru-115.8.0-1.mga9 thunderbird-sk-115.8.0-1.mga9 thunderbird-sl-115.8.0-1.mga9 thunderbird-sq-115.8.0-1.mga9 thunderbird-sr-115.8.0-1.mga9 thunderbird-sv_SE-115.8.0-1.mga9 thunderbird-th-115.8.0-1.mga9 thunderbird-tr-115.8.0-1.mga9 thunderbird-uk-115.8.0-1.mga9 thunderbird-uz-115.8.0-1.mga9 thunderbird-vi-115.8.0-1.mga9 thunderbird-zh_CN-115.8.0-1.mga9 thunderbird-zh_TW-115.8.0-1.mga9 from SRPMS: thunderbird-115.8.0-1.mga9.src.rpm thunderbird-l10n-115.8.0-1.mga9.src.rpm Assignee:
nicolas.salguero =>
qa-bugs
Marja Van Waes
2024-02-21 16:37:03 CET
CC:
(none) =>
marja11
Marja Van Waes
2024-02-21 16:40:33 CET
Keywords:
(none) =>
advisory MGA9-64 Plasma, i5-7500, Nvidia Quadro K620 graphics. No installation issues. Sent and received mail, and also Usenet posts. Clicking on a link in an email brought up Firefox. I do not use the calendar, but as far as I went it worked as expected. CC:
(none) =>
andrewsfarm mga9-64 OK Tested under Plasma, Intel I7-870, nvidia-newfeature (testing) on GTX750, 4K screen, kernel desktop 6.6.17-3. Closed, updated, started Thunderbird just keep working OK: Swedish locale settings and local mail Sent and received some mails; IMAP (offline, IMAP to synk to server) SMTP Opens attached .pdf and .eml in tabs. Printing OK. I do not use calendar nor tasks CC:
(none) =>
fri Hi, Updated from testing repos for Mageia 9 x86_64 Plasma no VM. I am using now. Accounts ok. Send and receive ok. Signature ok. Addons ok. Calendar and task ok. Notifications ok. Spanish translation ok. Attachments ok. Greetings! CC:
(none) =>
joselp Mageia X86_64 GNOME Mac Mini Core I5 16Go RAM Updated with QA repo and RPMs: thunderbird 115.8.0 1.mga9 x86_64 thunderbird-fr 115.8.0 1.mga9 noarch Accounts ok. Send and receive ok. Calendar and task ok. Notifications ok. CC:
(none) =>
guillaume.royer I have used this on two other MGA9-64 Plasma systems, with no issues. Sending it on. Validating. CC:
(none) =>
sysadmin-bugs An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0050.html Status:
ASSIGNED =>
RESOLVED |