Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-5393-1

Ubuntu Security Notice 5393-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct spoofing attacks, or execute arbitrary code. It was discovered that Thunderbird ignored OpenPGP revocation when importing a revoked key in some circumstances. An attacker could potentially exploit this by tricking the user into trusting the authenticity of a message or tricking them into use a revoked key to send an encrypted message.

Packet Storm
Open in Source
#vulnerability#web#ubuntu#dos#auth
==========================================================================Ubuntu Security Notice USN-5393-1April 27, 2022thunderbird vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 21.10- Ubuntu 20.04 LTS- Ubuntu 18.04 LTSSummary:Several security issues were fixed in Thunderbird.Software Description:- thunderbird: Mozilla Open Source mail and newsgroup clientDetails:Multiple security issues were discovered in Thunderbird. If a user weretricked into opening a specially crafted website in a browsing context, anattacker could potentially exploit these to cause a denial of service,conduct spoofing attacks, or execute arbitrary code. (CVE-2022-1097,CVE-2022-1196, CVE-2022-28281, CVE-2022-28282, CVE-2022-28285,CVE-2022-28286, CVE-2022-28289)It was discovered that Thunderbird ignored OpenPGP revocation whenimporting a revoked key in some circumstances. An attacker couldpotentially exploit this by tricking the user into trusting theauthenticity of a message or tricking them into use a revoked key tosend an encrypted message. (CVE-2022-1197)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 21.10:  thunderbird                     1:91.8.1+build1-0ubuntu0.21.10.1Ubuntu 20.04 LTS:  thunderbird                     1:91.8.1+build1-0ubuntu0.20.04.1Ubuntu 18.04 LTS:  thunderbird                     1:91.8.1+build1-0ubuntu0.18.04.1After a standard system update you need to restart Thunderbird to makeall the necessary changes.References:  https://ubuntu.com/security/notices/USN-5393-1  CVE-2022-1097, CVE-2022-1196, CVE-2022-1197, CVE-2022-28281,  CVE-2022-28282, CVE-2022-28285, CVE-2022-28286, CVE-2022-28289Package Information:  https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.21.10.1  https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.20.04.1  https://launchpad.net/ubuntu/+source/thunderbird/1:91.8.1+build1-0ubuntu0.18.04.1

Packet Storm: Latest News

Grav CMS 1.7.44 Server-Side Template Injection
Packet Storm