AVG-530 log
| Package | thunderbird |
| Status | Fixed |
| Severity | Critical |
| Type | multiple issues |
| Affected | 52.4.0-2 |
| Fixed | 52.5.0-1 |
| Current |
144.0.1-2 [extra-testing] 144.0.1-1 [extra] |
| Ticket | None |
| Created | Thu Nov 30 12:24:26 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-7830 | High | Yes | Same-origin policy bypass | The Resource Timing API in Firefox before 57.0 and Thunderbird before 52.5 incorrectly revealed navigations in cross-origin iframes. This is a same-origin... |
| CVE-2017-7828 | Critical | Yes | Arbitrary code execution | A use-after-free vulnerability can occur in Firefox before 57.0 and Thunderbird before 52.5 when flushing and resizing layout because the PressShell object... |
| CVE-2017-7826 | Critical | Yes | Arbitrary code execution | Several reported memory safety bugs have been found in Firefox before 57.0 and Thunderbird before 52.5. Some of these bugs showed evidence of memory... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 30 Nov 2017 | ASA-201711-43 | thunderbird | multiple issues |
| References |
|---|
https://www.mozilla.org/en-US/security/advisories/mfsa2017-26/ |