USN-3868-1: Thunderbird vulnerabilities
thunderbird vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary
Several security issues were fixed in Thunderbird.
Software Description
- thunderbird - Mozilla Open Source mail and newsgroup client
Details
Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 18.10
- thunderbird - 1:60.4.0+build2-0ubuntu0.18.10.1
- Ubuntu 18.04 LTS
- thunderbird - 1:60.4.0+build2-0ubuntu0.18.04.1
- Ubuntu 16.04 LTS
- thunderbird - 1:60.4.0+build2-0ubuntu0.16.04.1
- Ubuntu 14.04 LTS
- thunderbird - 1:60.4.0+build2-0ubuntu0.14.04.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart Thunderbird to make all the necessary changes.
References
- CVE-2018-12389
- CVE-2018-12390
- CVE-2018-12392
- CVE-2018-12393
- CVE-2018-12405
- CVE-2018-17466
- CVE-2018-18492
- CVE-2018-18493
- CVE-2018-18494
- CVE-2018-18498
from Ubuntu Security Notices http://bit.ly/2CLDoww