ASA-202101-17 log generated external raw

[ASA-202101-17] thunderbird: arbitrary code execution
Arch Linux Security Advisory ASA-202101-17 ========================================== Severity: Critical Date : 2021-01-12 CVE-ID : CVE-2020-16044 Package : thunderbird Type : arbitrary code execution Remote : Yes Link : Summary ======= The package thunderbird before version 78.6.1-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 78.6.1-1. # pacman -Syu "thunderbird>=78.6.1-1" The problem has been fixed upstream in version 78.6.1. Workaround ========== None. Description =========== A security issue was found in Firefox before 84.0.2 and Thunderbird before 78.6.1-1. A malicious peer could have modified a COOKIE-ECHO chunk in an SCTP packet in a way that potentially resulted in a use- after-free. Mozilla presumes that with enough effort it could have been exploited to run arbitrary code. Impact ====== A malicious remote user could forge an SCTP packet and possibly execute arbitrary code. References ==========