lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.

MITKRB5-SA-2015-001

Vulnerabilities in kadmind, libgssrpc, gss\_process\_context\_token

MITKRB5-SA-2014-001

Buffer overrun in kadmind with LDAP backend

MITKRB5-SA-2012-001

KDC heap corruption and crash vulnerabilities

MITKRB5-SA-2011-008

buffer overflow in telnet daemon and client

MITKRB5-SA-2011-007

KDC null pointer dereference in TGS handling

MITKRB5-SA-2011-006

KDC denial of service vulnerabilities

MITKRB5-SA-2011-005

FTP daemon fails to set effective group ID

MITKRB5-SA-2011-004

kadmind invalid pointer free()

MITKRB5-SA-2011-003

KDC vulnerable to double-free when PKINIT enabled

MITKRB5-SA-2011-002

KDC denial of service attacks

MITKRB5-SA-2011-001

kpropd denial of service

MITKRB5-SA-2010-007

Multiple checksum handling vulnerabilities

MITKRB5-SA-2010-006

KDC uninitialized pointer crash in authorization data handling

MITKRB5-SA-2010-005

GSS-API library null pointer dereference

MITKRB5-SA-2010-004

double free in KDC

MITKRB5-SA-2010-003

denial of service in kadmind in older krb5 releases

MITKRB5-SA-2010-002

denial of service in SPNEGO

MITKRB5-SA-2010-001

krb5-1.7 KDC denial of service

MITKRB5-SA-2009-004

integer underflow in AES and RC4 decryption

MITKRB5-SA-2009-003

KDC denial of service in cross-realm referral processing

MITKRB5-SA-2009-002

ASN.1 decoder frees uninitialized pointer

MITKRB5-SA-2009-001

multiple vulnerabilities in SPNEGO, ASN.1 decoder

MITKRB5-SA-2008-002

array overrun in RPC library used by kadmind

MITKRB5-SA-2008-001

double-free, uninitialized data vulnerabilities in krb5kdc

MITKRB5-SA-2007-006

kadmind RPC library buffer overflow, uninitialized pointer

MITKRB5-SA-2007-005

kadmind vulnerable to buffer overflow

MITKRB5-SA-2007-004

kadmind affected by multiple RPC library vulnerabilities

MITKRB5-SA-2007-003

double-free vulnerability in kadmind (via GSS-API library)

MITKRB5-SA-2007-002

KDC, kadmind stack overflow in krb5\_klog\_syslog

MITKRB5-SA-2007-001

telnetd allows login as arbitrary user

MITKRB5-SA-2006-003

kadmind (via GSS-API mechglue) frees uninitialized pointers

MITKRB5-SA-2006-002

kadmind (via RPC library) calls uninitialized function pointer

MITKRB5-SA-2006-001

multiple local privilege escalation vulnerabilities

MITKRB5-SA-2005-003

double-free in krb5\_recvauth

MITKRB5-SA-2005-002

buffer overflow, heap corruption in KDC

MITKRB5-SA-2005-001

Buffer overflows in telnet client

MITKRB5-SA-2004-004

Heap buffer overflow in libkadm5srv

MITKRB5-SA-2004-003

ASN.1 decoder denial-of-service

MITKRB5-SA-2004-002

Double-free vulnerabilities in KDC and libraries

MITKRB5-SA-2004-001

Buffer overrun in aname\_to\_localname

MITKRB5-SA-2003-005:

Buffer overrun and underrun in principal name handling

MITKRB5-SA-2003-004:

Cryptographic weaknesses in Kerberos v4 protocol; KDC and realm compromise possible.

MITKRB5-SA-2003-003:

Faulty length checks in xdrmem\_getbytes may allow kadmind DoS.

MITKRB5-SA-2003-001:

Multiple vulnerabilities, including possible KDC compromise, in older releases (prior to 1.2.5).

MITKRB5-SA-2002-002: \[updated 2002-10-25\] Buffer overflow in kadmind4

Remote user can gain root access to KDC host.

MITKRB5-SA-2002-001: Remote root vulnerability in MIT krb5 admin system

Remote user may be able to gain root access to a KDC host.

Buffer overflows in telnetd

Buffer overflows in ftpd

Unsafe temporary file handling in krb4 code

A local user may overwrite arbitrary files as root

Remote root vulnerability in GSSFTPD

An attacker with access to a local account may gain unauthorized root access via a krb5-1.1.x ftpd.

Multiple denial of service vulnerabilities in krb4 KDC

A buffer overrun capable of causing a denial of service in the krb4 KDC compat code was discovered. Additionally, krb5-1.1.x KDCs with krb4 code enabled are vulnerable to a separate denial of service.

Buffer Overrun Vulnerabilities in Kerberos 4 code

Serious buffer overruns exist in krb4 compatibility code. Also, these vulnerabilities likely exist in **almost all implementations** derived from MIT krb4.

Login bug when compiling using --without-krb4 in 1.1.1

Compiling remote login programs using the --without-krb4 option has disastrous side effects under 1.1 and 1.1.1 releases.

**MITKRB5-SA-2002-002-kadm4 attack signature**

*   Note describing attack signature associated with possible attacks on kadmind4.

**Patches for MITKRB5-SA-2002-002-kadm4**

*   patch for krb5-1.2.6, with detached PGP signature

**Patches for MITKRB5-SA-2002-001-xdr**

*   patch for krb5-1.2.5, with detached PGP signature

**Patches for telnetd buffer overflow vulnerability**

*   Patch for krb5-1.2.2, with detached PGP signature

**Patches for ftpd buffer overflow vulnerability**

*   Patch for krb5-1.2.2

**Patches for krb4 temporary file vulnerability**

*   Patch for krb5-1.2.1

**Patches for gssftpd vulnerability**

*   Patch for krb5-1.1.x ftpd

**Patches for KDC vulnerabilities**

*   Patch for krb5-1.0.x KDCs
*   Patch for krb5-1.1.1 KDC
*   Patch for CNS KDC
*   Untested patch for krb4 Patch 10

**Patches for krb\_rd\_req() overruns:**

The patches in some of the krb4 overrun original advisories have been untabified, which causes some people to have trouble applying them with the patch program. You may use "patch -l" if your version of patch supports it, or you may apply one of the patches below.

*   Patch for krb4 buffer overruns in 1.0.x
*   Patch for krb4 buffer overruns in 1.1.1 (includes patch for login.c)
*   Patch for bug in login.c.

_$Id: index.html,v 1.46 2016/07/01 17:34:45 ghudson Exp $_  
MIT Kerberos \[ home \] \[ contact \]

CVE-2023-36054: Kerberos Security Advisories

Netgear XR300 v1.0.3.78 was discovered to contain multiple buffer overflows via the wla_ssid and wlg_ssid parameters at genie_ap_wifi_change.cgi.

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Search code, repositories, users, issues, pull requests...**

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

CVE-2023-36499: IoT-Vulns/netgear/nvram_ssid/README.md at main · FirmRec/IoT-Vulns

Netgear JWNR2000v2 v1.0.0.11, XWN5001 v0.4.1.1, and XAVN2001v2 v0.4.0.7 were discovered to contain multiple buffer overflows via the http_passwd and http_username parameters in the update_auth function.

CVE-2023-38922: IoT-Vulns/netgear/http_passwd_auth/README.md at main · FirmRec/IoT-Vulns

Netgear DGN3500 1.1.00.37 was discovered to contain a buffer overflow via the http_password parameter at setup.cgi.

CVE-2023-38924: IoT-Vulns/netgear/http_password_create_smb_cfg/README.md at main · FirmRec/IoT-Vulns

Red Hat Security Advisory 2023-4497-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4497-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4497  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
thunderbird-102.14.0-1.el8_8.src.rpm

aarch64:  
thunderbird-102.14.0-1.el8_8.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_8.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el8_8.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_8.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_8.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_8.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el8_8.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el8_8.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el8_8.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el8_8.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_8.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P2HAAoJENzjgjWX9erEiwgP/jUVVVd6QD4VPf1CzYuBBR4b  
z9soz0fFRJmKlULKr/TSJhEJ0HAU1vRHbOT2pEc/vQicwoWnpj3qRzUPJ2q0woCV  
m2wfGonzJ17hJNDdukXweN9Zu4PvmwD+fBgseCmdhd2qtK0r1IryoxqVA1L0kE8B  
Z9fKu9gUqjDqNM0ybltIDCKrSex2Im8sKEFX4/mC4qWOP30N6fF/UeCo4bw7LaLD  
TuLhDL15lGQQGaGlOp/W45siYNl+4ZQjYV315EL6hquSM/rdRmB4xs+AoxvlqSy8  
et74pq4Nt2OzSysOkk2ZGE76schOq1VAlaJ5pgPwTcp5+L4Hv2l48w+V8KMwoHpZ  
BdvuGqosLbugeHadAHsbKXPCvhTeZZ+Y/LfI15UwLWkJOoe0EVyUyyWUgwJYoFcA  
unSOkt43Gm//jzUxF5RFqwMRp3CqHxcWm9JtSiSm5g8AHvkpmEWam6KcDQLqsBDG  
JfxqPCz0abFoTNXyHTLAygGv57LL4xA8GfjMQdhdk+jBIFwaXmIxsPT4S/rFirCL  
LSgsf4RWr8vFQrzBSfdNI0BOswRU4ZhfqdBhOa+0tUeauDdXcDMJNmPaa+L2BZ0A  
O4WYqQShvqCBBlwtXDTa0favo89GZyn8q5qo3ddZHKgC6ukWxj1DFa8/UDQqARRm  
eZgizToOWRA/4FlUZ8q4  
=LPkR  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4497-01

Red Hat Security Advisory 2023-4499-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4499-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4499  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
thunderbird-102.14.0-1.el9_2.src.rpm

aarch64:  
thunderbird-102.14.0-1.el9_2.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el9_2.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el9_2.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el9_2.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el9_2.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el9_2.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el9_2.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el9_2.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el9_2.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el9_2.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el9_2.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P3BAAoJENzjgjWX9erEI4AP/isP37SsYX3PZky9trAcT0vI  
5aGzgYCUr6ioqhynQpyPmKH7tKTnfpeq0jYJHzMWM62LjEYfX76yHiIbAiaV6pRy  
Oy3aPt7sSJzN+/emLuoRF4apWLelHC3T32RexGMvVcnU7lcWNfZ7L24LiogPt4GA  
6/Q7/YQheLIveSM465UX6dp8J7wRZARl6rmK6jO7lquAupSAYY48jhl21NT5E3D+  
0g5ssrjnbitqlt0n59bM/AOaVXC1p9GcS+4EFU2Ma1EbcMrxoImKrvClgl6lEHZq  
lZiQFYXnR7MMTvk5vRO0q5NVp9dpIfhB4T1BpokQ0VQe30zJHGNMxGREqj1dBGZ3  
xtqVgBx7nA+eCdLrjsm+sNvVNJzXCjRpYfYzddgsc4QFBjTUqwveJIr6AKiSZBc4  
ffS61Ehtjr/kYpj/60HZjsrUGaTAlTaCCMibIqfsYa/U+lu7B6IdqOhDkJUhEJcl  
LAYjXmn65n/ADEDPXACgxO52i421XpAjCeTecrGufJ2Q4KnXz0jHZgutmPlbZ999  
b3kRjmIi3Lh7WGR1MTokMKl+yGOy+pLGTBxN5cF0CFmiZhMZJA2LhrOlyS4Vy5J9  
YzukpCDceJKfkEZ2ztjAcLy0pDUqoYfWjjpcdwMSs33pOPMwwY+SECFtbE0x6b7M  
t3ds500K/3QX0KLYhoFf  
=y9y0  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4499-01

Red Hat Security Advisory 2023-4500-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4500-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4500  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4  
Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4  
Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update  
Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v.8.4) - x86_64  
Red Hat Enterprise Linux AppStream E4S (v.8.4) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream TUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v.8.4):

Source:  
thunderbird-102.14.0-1.el8_4.src.rpm

x86_64:  
thunderbird-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v.8.4):

Source:  
thunderbird-102.14.0-1.el8_4.src.rpm

aarch64:  
thunderbird-102.14.0-1.el8_4.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_4.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el8_4.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v.8.4):

Source:  
thunderbird-102.14.0-1.el8_4.src.rpm

aarch64:  
thunderbird-102.14.0-1.el8_4.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_4.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el8_4.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P3gAAoJENzjgjWX9erEeH0P/1M0cfMSwsEYmKb2lAnc4XuD  
LBA+/ACSx0pmBMqAoG6KMGyv9pLGL4afyTkuUdwrqebX++yxZFK/EZCMa5/vrQei  
NRNx0sCjAdqVlCbqosM5QJUPkHWvt1vLLttJFkbPwDeA/N5/6zOkrjQUNXwH5bOZ  
qUsWXVfJQra6PHQ1wQa5UrrjdPD3eaZkpwKyDNek41bRMcCYRPS10HKeTBj0rWfQ  
bXAGieb7zO3O3EqvJMZ7G21MV80r27Hip+ydP07sJVxz3Za/i/cGtyHzU9Kp0xMp  
7SUkc+LMksNcNCw1/o6yhZdTdRyMgGwEriP0hT9sy7OKHyV3yvkZAQ1OpIINOZ1m  
6H/yFDy18Uhg3mj4LoO72M4VmJAoL9Zd6LjC89mNmWuGXD/TTlHrnBSATz+W3mBA  
ZKZAN+xByw31s/Q1CMsIU/t+VpJev3EIOCrIAkf3jIq4yUb04AShlJk4JAmCNmW8  
xuUQne6bfAw4lZiDqx/JyaV6pulqmGAPFOU2klZNO0EByzv5yeoC8A17oEYzahQq  
EvJDhg8/fTDHxZwtQm0OupZQY9CvfQaxaCz5OJrH43rQnfK8mDWrEW4IkZz4fLNo  
Nn4U+x4kNTMj7T0RSdewWD4qyS3juWeTXRSkSCyv1ksVpGtQWG2AJh7dypCHg51X  
07ioqq8PHwK2s5ytPmja  
=MOUN  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4500-01

Red Hat Security Advisory 2023-4495-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4495-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4495  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64  
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, x86_64  
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:  
thunderbird-102.14.0-1.el7_9.src.rpm

x86_64:  
thunderbird-102.14.0-1.el7_9.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:  
thunderbird-102.14.0-1.el7_9.src.rpm

ppc64le:  
thunderbird-102.14.0-1.el7_9.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el7_9.ppc64le.rpm

x86_64:  
thunderbird-102.14.0-1.el7_9.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:  
thunderbird-102.14.0-1.el7_9.src.rpm

x86_64:  
thunderbird-102.14.0-1.el7_9.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P3OAAoJENzjgjWX9erE5HkP/3wf0pb7J7dMsEry7Mx8rX6I  
KD+WC4r2CodrRi2uh3rdjYeey2z+Z7geo+62+QpnNXKD29wiKAt46tk0mDOrRi/h  
vMuyN+eZ+XiWjRIfipkViCYOG0fXSG5e4IekdFTkv/ju/eovevbujd9V4LVlE9ha  
FWO3nGn1d0qJgUxdmbkHNFIvQefzjj7VhOTXLRS/ouIQqXUiQ42qowA8udjghQHA  
BTcTMNjmcEPVJi/M6xiBsdv+o0CH+S4rzSCHDOEo+494okHsl8hAedVonjJATD5A  
dfyPfU4xnrp13K2uPfcPn3aqWgDx2taJDm5qxfYt/ww9qmrq+mmWz3dzeTGpt49m  
DZqm1fFFf/VreIH6+cUEWRhGvswf/dzUprqDEkhpN1oXT7EPyB1F7IWfJvLMV6j0  
JfguoPIoe1MwO5e34gdTzMiXDkfKPq34w6W1xofqZdoezqYSAYMhsfkBDq2JCCFm  
t4wLd52UlRR/d1s6pfdj02uuWS0cxY2jfXMgIgb2OMtoBfo98iaChpb4OdWf8BT3  
K68mV9HjR4QITvdYDAhwViBSNh6ccnPfZVR6vjNneXvyJa1YeE2/+IutbIsgkUnV  
DYfdoQiMTUFQuv1lX/IjNPKdKBHrEnyRQ6XOFrHWeZ54NMuhKuQGPe6I1NzbD8f5  
rkxpStOKC0QaSIf4zW6q  
=uGal  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4495-01

Red Hat Security Advisory 2023-4496-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4496-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4496  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - ppc64le, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
thunderbird-102.14.0-1.el8_2.src.rpm

x86_64:  
thunderbird-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
thunderbird-102.14.0-1.el8_2.src.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
thunderbird-102.14.0-1.el8_2.src.rpm

x86_64:  
thunderbird-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P3zAAoJENzjgjWX9erEHuMQAJzYbHSO64RfCUKDP5BDcbcm  
NDW620nj10HjbuQdRWML0i7ClLXI7M5M/qhVGtF1tNOPNIqGLzt0xZwB1WF6Ub49  
0ASHMkWvBgg5r+4Xbg9DyD9aYAd2FzbyI7CLm2XGOfABGSbsFHr4SOCVj5xMkm66  
/rZ/lASvu+ofrWtj6HpHQBvzUB21purp/r6EwhS85FxesYJ+L3v+OsFLbTU6XiHN  
4fD23mc7paLerfU3mcKCT4PaxjzHA3qefTyFZrdqP60DV0ceCQ3Ft4VZ88eZREFW  
Uc04aopQfqPGRjYC3W4ndjiNUTcDmbu/hVLSA0Cw21MlEC/oKmXKsHcR8qT6F06T  
F0NrDvpZiwi88ir1QdldP+HmzQSvhGSgeEC0eegEuUHwmFvOIEWh9qoOGlglQp1k  
Yb3SSgPB6ybLBQmE3pSJsO11FCtTUeMqeQit+3OnAjbbhTEUcVYNfuSX/z+FVBMQ  
29WeprIk2Bpwh/g93L3VZ0D/Hg6IyCc4UadPqAsErDHxOAll+g9lIke00S0oRvX8  
+i4GkxYZBrppmIFc+rIAvFMLXch5CY5K1sqh7R5xjCJFg7h2mX4KGhDFfksipIUh  
rwlL3qQNij5Osgud89wUaARog64GawcSu4BIZZ4Ft8NAD7/GLObaAO0pJZiU5/Vj  
Ff/VoBLCkmuFuRCE3VxK  
=s8Mp  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4496-01

Red Hat Security Advisory 2023-4493-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4493-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4493  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.6):

Source:  
thunderbird-102.14.0-1.el8_6.src.rpm

aarch64:  
thunderbird-102.14.0-1.el8_6.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_6.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el8_6.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_6.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_6.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_6.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el8_6.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el8_6.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el8_6.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el8_6.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_6.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P2fAAoJENzjgjWX9erE2ygP/2TMRR/93qYrshHSYXzFutcE  
V1F7HrYAl0M/VfIgDLIITQPCBrgYMrvt72yjf4Pn/FswH3N2oxwPYw8qEhhO2Z0I  
oQrDEKH0Pkxrku3Ssm6s3uRSVdFNewpWHasT8y9+rk7eBHyvGG+Cn0j4DoZhntI0  
PeCUqaoXaP+lWDFda4YQMcZj6+NnhHU5tyxUi/Fd+PoQnmkTeNtXHPJ7G5RkywZD  
lCS9fH72N/booPgxSq/0G086MWFbFUhAJFzbGBQ4NnDwXQ4MX1vfPjh/lMYUvA/s  
zq9ykCXfE17U2AH7YHb/l3I5gP0oS4wMrFqdqO+NgUAn+eljuI55qrlxxWHfv8qY  
95BDhEg72Hu1MMb0ictyOtSTa1d2WmPrTcB//IC1kS9cJ5cCBXm2YyNv5oGe+UdP  
COX70ifq3ZB9mBCI0V0vnPe1KLzW9ocl2HtS2xo4dSqkInED1JjYlAuO5lRq5r6u  
2dwM9N/cC5VGufGxcYcTLv6fH1BLWM77S38pOkUEhx/xBTxQtzWQEmaf9uM5jAly  
5BNH0r9pHMiXA9ShNGuZb1kyU1rvJjwRYN+IFxg7M7t+LwoXZ4Tkc268CnV5GfWZ  
bbycubepNz7m2KksZZddOj+uu8p/lSC71m8fsxcSYRURCE7hHzhdg3OPPdktJ2eu  
eMpVOF9NJr8siFLgq0+C  
=emMd  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#buffer_overflow