============================================================================ Ubuntu Security Notice USN-2053-1 December 11, 2013 thunderbird vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 13.10 - Ubuntu 13.04 - Ubuntu 12.10 - Ubuntu 12.04 LTS Summary: Several security issues were fixed in Thunderbird. Software Description: - thunderbird: Mozilla Open Source mail and newsgroup client Details: Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5609) Tyson Smith and Jesse Schwartzentruber discovered a use-after-free in event listeners. If a user had enabled scripting, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5616) A use-after-free was discovered in the table editing interface. An attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5618) Tyson Smith and Jesse Schwartzentruber discovered a crash when inserting an ordered list in to a document using script. If a user had enabled scripting, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-6671) Sijie Xia discovered that trust settings for built-in EV root certificates were ignored under certain circumstances, removing the ability for a user to manually untrust certificates from specific authorities. (CVE-2013-6673) Tyson Smith, Jesse Schwartzentruber and Atte Kettunen discovered a use-after-free in functions for synthetic mouse movement handling. If a user had enabled scripting, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5613) Eric Faust discovered that GetElementIC typed array stubs can be generated outside observed typesets. If a user had enabled scripting, an attacker could possibly exploit this to cause undefined behaviour with a potential security impact. (CVE-2013-5615) Michal Zalewski discovered several issues with JPEG image handling. An attacker could potentially exploit these to obtain sensitive information. (CVE-2013-6629, CVE-2013-6630) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 13.10: thunderbird 1:24.2.0+build1-0ubuntu0.13.10.1 Ubuntu 13.04: thunderbird 1:24.2.0+build1-0ubuntu0.13.04.1 Ubuntu 12.10: thunderbird 1:24.2.0+build1-0ubuntu0.12.10.1 Ubuntu 12.04 LTS: thunderbird 1:24.2.0+build1-0ubuntu0.12.04.1 After a standard system update you need to restart Thunderbird to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2053-1 CVE-2013-5609, CVE-2013-5613, CVE-2013-5615, CVE-2013-5616, CVE-2013-5618, CVE-2013-6629, CVE-2013-6630, CVE-2013-6671, CVE-2013-6673, https://launchpad.net/bugs/1258653 Package Information: https://launchpad.net/ubuntu/+source/thunderbird/1:24.2.0+build1-0ubuntu0.13.10.1 https://launchpad.net/ubuntu/+source/thunderbird/1:24.2.0+build1-0ubuntu0.13.04.1 https://launchpad.net/ubuntu/+source/thunderbird/1:24.2.0+build1-0ubuntu0.12.10.1 https://launchpad.net/ubuntu/+source/thunderbird/1:24.2.0+build1-0ubuntu0.12.04.1