AVG-1115 log

Package thunderbird
Status Fixed
Severity Critical
Type multiple issues
Affected 68.5.0-1
Fixed 68.6.0-1
Current 128.5.2-1 [extra-testing]
128.5.1-1 [extra]
Ticket None
Created Mon Mar 16 11:30:58 2020
Issue Severity Remote Type Description
CVE-2020-6814 Critical Yes Arbitrary code execution
Several memory safety and script safety bugs have been found in Firefox before 74, Firefox ESR before 68.6 and Thunderbird before 68.6. Some of these bugs...
CVE-2020-6812 Medium Yes Information disclosure
An information disclosure issue has been found in Firefox before 74 and Thunderbird before 68.6. The first time AirPods are connected to an iPhone, they...
CVE-2020-6811 Medium Yes Arbitrary command execution
A security issue has been found in Firefox before 74 and Thunderbird before 68.6, where the 'Copy as cURL' feature of Devtools' network tab did not properly...
CVE-2020-6807 Critical Yes Arbitrary code execution
A use-after-free issue has been found in Firefox before 74 and Thunderbird before 68.6, in cubeb  during stream destruction. When a device was changed while...
CVE-2020-6806 Critical Yes Arbitrary code execution
A state confusion issue has been found in Firefox before 74 and Thunderbird before 68.6, in BodyStream::OnInputStreamReady. By carefully crafting promise...
CVE-2020-6805 Critical Yes Arbitrary code execution
A use-after-free issue has been found in Firefox before 74 and Thunderbird before 68.6. When removing data about an origin whose tab was recently closed, a...
CVE-2019-20503 Medium Yes Information disclosure
An out-of-bounds read has been found in Firefox before 74, Thunderbird before 68.6 and chromium before 80.0.3987.149. The inputs to...
Date Advisory Package Type
16 Mar 2020 ASA-202003-11 thunderbird multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/