Ubuntu Security Notice USN-3233-1

Ubuntu Security Notice USN-3233-1: Posted Mar 24, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3233-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, cause a denial of service via application crash or hang, or execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410; SHA-256 | 4abb70b1c35863ded49709995ba4e6d401e8550e183f3defde0d6a4363af7dad; Download | Favorite | View

Ubuntu Security Notice USN-3233-1

==========================================================================
Ubuntu Security Notice USN-3233-1
March 24, 2017

thunderbird vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to bypass same origin
restrictions, obtain sensitive information, cause a denial of service via
application crash or hang, or execute arbitrary code. (CVE-2017-5398,
CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405,
CVE-2017-5407, CVE-2017-5408, CVE-2017-5410)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
  thunderbird                     1:45.8.0+build1-0ubuntu0.16.10.1

Ubuntu 16.04 LTS:
  thunderbird                     1:45.8.0+build1-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
  thunderbird                     1:45.8.0+build1-0ubuntu0.14.04.1

Ubuntu 12.04 LTS:
  thunderbird                     1:45.8.0+build1-0ubuntu0.12.04.1

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-3233-1
  CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402,
  CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408,
  CVE-2017-5410

Package Information:
  https://launchpad.net/ubuntu/+source/thunderbird/1:45.8.0+build1-0ubuntu0.16.10.1
  https://launchpad.net/ubuntu/+source/thunderbird/1:45.8.0+build1-0ubuntu0.16.04.1
  https://launchpad.net/ubuntu/+source/thunderbird/1:45.8.0+build1-0ubuntu0.14.04.1
  https://launchpad.net/ubuntu/+source/thunderbird/1:45.8.0+build1-0ubuntu0.12.04.1

Top Authors In Last 30 Days

Red Hat 183 files
Ubuntu 59 files
Debian 20 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Google Security Research 6 files
E1.Coders 4 files
Ersin Erenler 4 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,007)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,166)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,459)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,428)
UNIX (9,390)
UnixWare (187)
Windows (6,647)
Other

Ubuntu Security Notice USN-3233-1

Ubuntu Security Notice USN-3233-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice USN-3233-1

Share This

Ubuntu Security Notice USN-3233-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems