Pop-Up Thingie

>>> Magnum BBS <<<
  • Home
  • Forum
  • Files
  • Log in

  1. Forum
  2. Usenet
  3. LINUX.GENTOO.ANNOUNCE
  • [gentoo-announce] [ GLSA 202208-14 ] Mozilla Thunderbird: Multiple Vuln

    From glsamaker@gentoo.org@21:1/5 to All on Wed Aug 10 06:50:01 2022
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Gentoo Linux Security Advisory GLSA 202208-14
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    https://security.gentoo.org/
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Severity: High
    Title: Mozilla Thunderbird: Multiple Vulnerabilities
    Date: August 10, 2022
    Bugs: #794085, #802759, #807943, #811912, #813501, #822294, #828539, #831040, #833520, #834805, #845057, #846596, #849047, #857048, #864577
    ID: 202208-14

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    Synopsis
    ========

    Multiple vulnerabilities have been found in Mozilla Thunderbird, the
    worst of which could result in the arbitrary execution of code.

    Background
    ==========

    Mozilla Thunderbird is a popular open-source email client from the
    Mozilla project.

    Affected packages
    =================

    -------------------------------------------------------------------
    Package / Vulnerable / Unaffected
    -------------------------------------------------------------------
    1 mail-client/thunderbird < 91.12.0 >= 91.12.0
    2 mail-client/thunderbird-bin< 91.12.0 >= 91.12.0

    Description
    ===========

    Multiple vulnerabilities have been discovered in Mozilla Thunderbird.
    Please review the CVE identifiers referenced below for details.

    Impact
    ======

    Please review the referenced CVE identifiers for details.

    Workaround
    ==========

    There is no known workaround at this time.

    Resolution
    ==========

    All Mozilla Thunderbird users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-91.12.0"

    All Mozilla Thunderbird binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-bin-91.12.0"

    References
    ==========

    [ 1 ] CVE-2021-4129
    https://nvd.nist.gov/vuln/detail/CVE-2021-4129
    [ 2 ] CVE-2021-4140
    https://nvd.nist.gov/vuln/detail/CVE-2021-4140
    [ 3 ] CVE-2021-29967
    https://nvd.nist.gov/vuln/detail/CVE-2021-29967
    [ 4 ] CVE-2021-29969
    https://nvd.nist.gov/vuln/detail/CVE-2021-29969
    [ 5 ] CVE-2021-29970
    https://nvd.nist.gov/vuln/detail/CVE-2021-29970
    [ 6 ] CVE-2021-29976
    https://nvd.nist.gov/vuln/detail/CVE-2021-29976
    [ 7 ] CVE-2021-29980
    https://nvd.nist.gov/vuln/detail/CVE-2021-29980
    [ 8 ] CVE-2021-29984
    https://nvd.nist.gov/vuln/detail/CVE-2021-29984
    [ 9 ] CVE-2021-29985
    https://nvd.nist.gov/vuln/detail/CVE-2021-29985
    [ 10 ] CVE-2021-29986
    https://nvd.nist.gov/vuln/detail/CVE-2021-29986
    [ 11 ] CVE-2021-29988
    https://nvd.nist.gov/vuln/detail/CVE-2021-29988
    [ 12 ] CVE-2021-29989
    https://nvd.nist.gov/vuln/detail/CVE-2021-29989
    [ 13 ] CVE-2021-30547
    https://nvd.nist.gov/vuln/detail/CVE-2021-30547
    [ 14 ] CVE-2021-38492
    https://nvd.nist.gov/vuln/detail/CVE-2021-38492
    [ 15 ] CVE-2021-38493
    https://nvd.nist.gov/vuln/detail/CVE-2021-38493
    [ 16 ] CVE-2021-38495
    https://nvd.nist.gov/vuln/detail/CVE-2021-38495
    [ 17 ] CVE-2021-38503
    https://nvd.nist.gov/vuln/detail/CVE-2021-38503
    [ 18 ] CVE-2021-38504
    https://nvd.nist.gov/vuln/detail/CVE-2021-38504
    [ 19 ] CVE-2021-38506
    https://nvd.nist.gov/vuln/detail/CVE-2021-38506
    [ 20 ] CVE-2021-38507
    https://nvd.nist.gov/vuln/detail/CVE-2021-38507
    [ 21 ] CVE-2021-38508
    https://nvd.nist.gov/vuln/detail/CVE-2021-38508
    [ 22 ] CVE-2021-38509
    https://nvd.nist.gov/vuln/detail/CVE-2021-38509
    [ 23 ] CVE-2021-40529
    https://nvd.nist.gov/vuln/detail/CVE-2021-40529
    [ 24 ] CVE-2021-43528
    https://nvd.nist.gov/vuln/detail/CVE-2021-43528
    [ 25 ] CVE-2021-43529
    https://nvd.nist.gov/vuln/detail/CVE-2021-43529
    [ 26 ] CVE-2021-43536
    https://nvd.nist.gov/vuln/detail/CVE-2021-43536
    [ 27 ] CVE-2021-43537
    https://nvd.nist.gov/vuln/detail/CVE-2021-43537
    [ 28 ] CVE-2021-43538
    https://nvd.nist.gov/vuln/detail/CVE-2021-43538
    [ 29 ] CVE-2021-43539
    https://nvd.nist.gov/vuln/detail/CVE-2021-43539
    [ 30 ] CVE-2021-43541
    https://nvd.nist.gov/vuln/detail/CVE-2021-43541
    [ 31 ] CVE-2021-43542
    https://nvd.nist.gov/vuln/detail/CVE-2021-43542
    [ 32 ] CVE-2021-43543
    https://nvd.nist.gov/vuln/detail/CVE-2021-43543
    [ 33 ] CVE-2021-43545
    https://nvd.nist.gov/vuln/detail/CVE-2021-43545
    [ 34 ] CVE-2021-43546
    https://nvd.nist.gov/vuln/detail/CVE-2021-43546
    [ 35 ] CVE-2022-0566
    https://nvd.nist.gov/vuln/detail/CVE-2022-0566
    [ 36 ] CVE-2022-1196
    https://nvd.nist.gov/vuln/detail/CVE-2022-1196
    [ 37 ] CVE-2022-1197
    https://nvd.nist.gov/vuln/detail/CVE-2022-1197
    [ 38 ] CVE-2022-1520
    https://nvd.nist.gov/vuln/detail/CVE-2022-1520
    [ 39 ] CVE-2022-1529
    https://nvd.nist.gov/vuln/detail/CVE-2022-1529
    [ 40 ] CVE-2022-1802
    https://nvd.nist.gov/vuln/detail/CVE-2022-1802
    [ 41 ] CVE-2022-1834
    https://nvd.nist.gov/vuln/detail/CVE-2022-1834
    [ 42 ] CVE-2022-2200
    https://nvd.nist.gov/vuln/detail/CVE-2022-2200
    [ 43 ] CVE-2022-2226
    https://nvd.nist.gov/vuln/detail/CVE-2022-2226
    [ 44 ] CVE-2022-22737
    https://nvd.nist.gov/vuln/detail/CVE-2022-22737
    [ 45 ] CVE-2022-22738
    https://nvd.nist.gov/vuln/detail/CVE-2022-22738
    [ 46 ] CVE-2022-22739
    https://nvd.nist.gov/vuln/detail/CVE-2022-22739
    [ 47 ] CVE-2022-22740
    https://nvd.nist.gov/vuln/detail/CVE-2022-22740
    [ 48 ] CVE-2022-22741
    https://nvd.nist.gov/vuln/detail/CVE-2022-22741
    [ 49 ] CVE-2022-22742
    https://nvd.nist.gov/vuln/detail/CVE-2022-22742
    [ 50 ] CVE-2022-22743
    https://nvd.nist.gov/vuln/detail/CVE-2022-22743
    [ 51 ] CVE-2022-22745
    https://nvd.nist.gov/vuln/detail/CVE-2022-22745
    [ 52 ] CVE-2022-22747
    https://nvd.nist.gov/vuln/detail/CVE-2022-22747
    [ 53 ] CVE-2022-22748
    https://nvd.nist.gov/vuln/detail/CVE-2022-22748
    [ 54 ] CVE-2022-22751
    https://nvd.nist.gov/vuln/detail/CVE-2022-22751
    [ 55 ] CVE-2022-22754
    https://nvd.nist.gov/vuln/detail/CVE-2022-22754
    [ 56 ] CVE-2022-22756
    https://nvd.nist.gov/vuln/detail/CVE-2022-22756
    [ 57 ] CVE-2022-22759
    https://nvd.nist.gov/vuln/detail/CVE-2022-22759
    [ 58 ] CVE-2022-22760
    https://nvd.nist.gov/vuln/detail/CVE-2022-22760
    [ 59 ] CVE-2022-22761
    https://nvd.nist.gov/vuln/detail/CVE-2022-22761
    [ 60 ] CVE-2022-22763
    https://nvd.nist.gov/vuln/detail/CVE-2022-22763
    [ 61 ] CVE-2022-22764
    https://nvd.nist.gov/vuln/detail/CVE-2022-22764
    [ 62 ] CVE-2022-24713
    https://nvd.nist.gov/vuln/detail/CVE-2022-24713
    [ 63 ] CVE-2022-26381
    https://nvd.nist.gov/vuln/detail/CVE-2022-26381
    [ 64 ] CVE-2022-26383
    https://nvd.nist.gov/vuln/detail/CVE-2022-26383
    [ 65 ] CVE-2022-26384
    https://nvd.nist.gov/vuln/detail/CVE-2022-26384
    [ 66 ] CVE-2022-26386
    https://nvd.nist.gov/vuln/detail/CVE-2022-26386
    [ 67 ] CVE-2022-26387
    https://nvd.nist.gov/vuln/detail/CVE-2022-26387
    [ 68 ] CVE-2022-26485
    https://nvd.nist.gov/vuln/detail/CVE-2022-26485
    [ 69 ] CVE-2022-26486
    https://nvd.nist.gov/vuln/detail/CVE-2022-26486
    [ 70 ] CVE-2022-28281
    https://nvd.nist.gov/vuln/detail/CVE-2022-28281
    [ 71 ] CVE-2022-28282
    https://nvd.nist.gov/vuln/detail/CVE-2022-28282
    [ 72 ] CVE-2022-28285
    https://nvd.nist.gov/vuln/detail/CVE-2022-28285
    [ 73 ] CVE-2022-28286
    https://nvd.nist.gov/vuln/detail/CVE-2022-28286
    [ 74 ] CVE-2022-28289
    https://nvd.nist.gov/vuln/detail/CVE-2022-28289
    [ 75 ] CVE-2022-29909
    https://nvd.nist.gov/vuln/detail/CVE-2022-29909
    [ 76 ] CVE-2022-29911
    https://nvd.nist.gov/vuln/detail/CVE-2022-29911
    [ 77 ] CVE-2022-29912
    https://nvd.nist.gov/vuln/detail/CVE-2022-29912
    [ 78 ] CVE-2022-29913
    https://nvd.nist.gov/vuln/detail/CVE-2022-29913
    [ 79 ] CVE-2022-29914
    https://nvd.nist.gov/vuln/detail/CVE-2022-29914
    [ 80 ] CVE-2022-29916
    https://nvd.nist.gov/vuln/detail/CVE-2022-29916
    [ 81 ] CVE-2022-29917
    https://nvd.nist.gov/vuln/detail/CVE-2022-29917
    [ 82 ] CVE-2022-31736
    https://nvd.nist.gov/vuln/detail/CVE-2022-31736
    [ 83 ] CVE-2022-31737
    https://nvd.nist.gov/vuln/detail/CVE-2022-31737
    [ 84 ] CVE-2022-31738
    https://nvd.nist.gov/vuln/detail/CVE-2022-31738
    [ 85 ] CVE-2022-31740
    https://nvd.nist.gov/vuln/detail/CVE-2022-31740
    [ 86 ] CVE-2022-31741
    https://nvd.nist.gov/vuln/detail/CVE-2022-31741
    [ 87 ] CVE-2022-31742
    https://nvd.nist.gov/vuln/detail/CVE-2022-31742
    [ 88 ] CVE-2022-31747
    https://nvd.nist.gov/vuln/detail/CVE-2022-31747
    [ 89 ] CVE-2022-34468
    https://nvd.nist.gov/vuln/detail/CVE-2022-34468
    [ 90 ] CVE-2022-34470
    https://nvd.nist.gov/vuln/detail/CVE-2022-34470
    [ 91 ] CVE-2022-34472
    https://nvd.nist.gov/vuln/detail/CVE-2022-34472
    [ 92 ] CVE-2022-34478
    https://nvd.nist.gov/vuln/detail/CVE-2022-34478
    [ 93 ] CVE-2022-34479
    https://nvd.nist.gov/vuln/detail/CVE-2022-34479
    [ 94 ] CVE-2022-34481
    https://nvd.nist.gov/vuln/detail/CVE-2022-34481
    [ 95 ] CVE-2022-34484
    https://nvd.nist.gov/vuln/detail/CVE-2022-34484
    [ 96 ] CVE-2022-36318
    https://nvd.nist.gov/vuln/detail/CVE-2022-36318
    [ 97 ] CVE-2022-36319
    https://nvd.nist.gov/vuln/detail/CVE-2022-36319
    [ 98 ] MOZ-2021-0007
    [ 99 ] MOZ-2021-0008

    Availability
    ============

    This GLSA and any updates to it are available for viewing at
    the Gentoo Security Website:

    https://security.gentoo.org/glsa/202208-14

    Concerns?
    =========

    Security is a primary focus of Gentoo Linux and ensuring the
    confidentiality and security of our users' machines is of utmost
    importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License
    =======

    Copyright 2022 Gentoo Foundation, Inc; referenced text
    belongs to its owner(s).

    The contents of this document are licensed under the
    Creative Commons - Attribution / Share Alike license.

    https://creativecommons.org/licenses/by-sa/2.5
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEpqTA6ABLMxh/aChGFMQkOaVy+9kFAmLzL1sACgkQFMQkOaVy +9ns4Q//Syeyj0xRXsKMpr7vE+q4uYlXxZ5pyVKgsu1ZEUynC8rwDPICMzV+HkKn da/e6SzfXeGnzJYMVPy9+RfEF6791WEH62rhwPnC0BDijCZaYuU09SnKdNjdHqUh Yffga2yvB+R7c1R46bYMvC5MGEFY3fpWAZ/wvF6gWhogEQbhjg9+yYlQujEcnd8S /NPTYgTpTTiDQ0ntO7F+ygZDbYMFziS5pKl7YdtJqMh5odqv52o/oki/uh6VMZnI 9tSYjxwb2z5LjWBHPbhP34BJcTavMv/rHb+QPFw8qOicl7kcSew2cIVR6QIbzyI0 vok05yAxqhAC/pggVF2jkTTz5o8KBLd4u5gI7Wdvykv3F5oV7zNEDaTbkuRDITuk sJUyCZ/775h38G1BeUfDXF/6RexWdMKPzuMsbB95+idKDFXVuBLF/kXc6STkY65T FQ/7PKpKGA6V/AVy12AXp4KLiKojKBWrzkubpu+Om8X3fi6czsXFnXteHOqE/zuO NiVgEzC5h9Bxoxrm+/54XxnWEgjz35XRYjBmZ+8ftsRGH7xpMRZPKt+WyCOQ6Uob HMTfSfzheD29c+88+mTtqgCkrYqiq4vbO/hfBlOmwwBE4RXPvmHGEKpvm7rNmhsc ypcqaCqlxBMgn7jmWKvSKVoDvZ/DLC9NZQ5fYn12V8BZhKbIzkc=
    =ORI2
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • Who's Online

  • Recent Visitors

    • Plume
      Mon Jun 9 20:39:48 2025
      from Uk via SSH
    • Michal Wronka
      Mon Jun 9 19:31:41 2025
      from Wroclaw, Poland via Telnet
    • Driswillis156
      Sun Jun 8 22:29:00 2025
      from Nope via SSH
    • Bob Worm
      Sun Jun 8 21:04:22 2025
      from Wales, Uk via Telnet
    • Logan
      Sun Jun 8 15:24:00 2025
      from Adelaide via Telnet
    • Plume
      Sun Jun 8 14:13:27 2025
      from Uk via SSH
    • Bob Worm
      Sun Jun 8 13:48:17 2025
      from Wales, Uk via Telnet
    • Jack
      Sun Jun 8 06:41:19 2025
      from Mississipi via Telnet
  • System Info

    Sysop: Keyop
    Location: Huddersfield, West Yorkshire, UK
    Users: 489
    Nodes: 16 (2 / 14)
    Uptime: 32:57:01
    Calls: 9,667
    Calls today: 2
    Files: 13,716
    Messages: 6,169,029

© >>> Magnum BBS <<<, 2025