AVG-1086 log

Package thunderbird
Status Fixed
Severity Critical
Type multiple issues
Affected 68.3.1-1
Fixed 68.4.1-1
Current 68.6.0-2 [testing]
68.6.0-1 [extra]
Ticket None
Created Mon Jan 13 16:06:59 2020
Issue Severity Remote Type Description
CVE-2019-17026 Critical Yes Arbitrary code execution
A type confusion vulnerability has been found in Firefox before 72.0.1, and Thunderbird before 68.4.1. Incorrect alias information in IonMonkey JIT compiler...
CVE-2019-17024 Critical Yes Arbitrary code execution
Several memory safety issues have been found in Firefox before 72.0, Firefox ESR before 68.4.1, and Thunderbird before 68.3. Some of these bugs showed...
CVE-2019-17022 Medium Yes Insufficient validation
A security issue has been found in Firefox before 72.0, and Thunderbird before 68.4.1 where CSS sanitization does not escape HTML tags. When pasting a...
CVE-2019-17017 Critical Yes Arbitrary code execution
A type confusion issue has been found in Firefox before 72.0, and Thunderbird before 68.4.1, in XPCVariant.cpp where, due to a missing case handling object...
CVE-2019-17016 High Yes Insufficient validation
A security issue has been found in Firefox before 72.0, and Thunderbird before 68.4.1. When pasting a <style> tag from the clipboard into a rich text...
Date Advisory Package Description
14 Jan 2020 ASA-202001-4 thunderbird multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/