Ubuntu Security Notice 4202-2 - USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird created a new profile for some users. This update fixes the problem. It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting attacks, or execute arbitrary code. A heap overflow was discovered in the expat library in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service, or execute arbitrary code.
0508b25ed86166d9e8ad492da3dab33c26ea8d976fc0c2aaea774bea64b55912
Gentoo Linux Security Advisory 201911-8 - Multiple vulnerabilities have been found in Expat, the worst of which could result in a Denial of Service condition. Versions less than 2.2.8 are affected.
47162c7e1df3889457be23a657c191abf49d902bd68ccdb3bc1755160377b0d2
Debian Linux Security Advisory 4571-1 - Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code or denial of service.
d1da11dc68e0e483876a30896b2795e84ff6d0181f67e226306de8a7caa0ee6d
Red Hat Security Advisory 2019-3756-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.
59bfe19103b4687534079d95b182dc1f8f3e30930f4ee500b46157a6721ebe55
Red Hat Security Advisory 2019-3237-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.
6e152cb6de1e407aa24b73531b0f86c2b267e661039302e9f7cebbccf0d21018
Red Hat Security Advisory 2019-3210-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Issues addressed include buffer overflow, bypass, cross site scripting, and use-after-free vulnerabilities.
eab73ea98afa2e510f2453560cb7938674b64634ab997ecd098678cd1b3c6421
Debian Linux Security Advisory 4549-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service.
c2f9b81b56dcc0573ebe0c44438c4c6fe6b00da6af49f7ffbe87d446c4117271
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
f7f527b29f8543776ff99d7a6d581ab08d43b05404ef93897f1a7728c884d2f7
Slackware Security Advisory - New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
6e16f3aa88276b6f120411e834953cbd8b1d1e3547deb2d4e80297d7c49b6eb3
Debian Linux Security Advisory 4530-1 - It was discovered that Expat, an XML parsing C library, did not properly handled internal entities closing the doctype, potentially resulting in denial of service or information disclosure if a malformed XML file is processed.
9cee2c8942bc273319fe7a37df2b71158ae6eace203f2937cc0905f3d5645df1
Slackware Security Advisory - New expat packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
68a44166360d4fbde9c545583a061622e7d55161bfae91a0047ef2512402a8db
Ubuntu Security Notice 4132-2 - USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
fbf826848766fbaf6449cfc545a84245112caf7d7af0ab789fe8de9e2663cc08
Ubuntu Security Notice 4132-1 - It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
5ae3d88ee962e285840c5782f010c4b59205cbcb83198b238a4a581d3a31fa04