AVG-980 log
| Package | thunderbird |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 60.7.0-1 |
| Fixed | 60.7.1-1 |
| Current |
145.0-1 [extra-testing] 144.0.1-4 [extra] |
| Ticket | None |
| Created | Fri Jun 14 07:51:24 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-11706 | Low | Yes | Denial of service | A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email... |
| CVE-2019-11705 | High | Yes | Arbitrary code execution | A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email... |
| CVE-2019-11704 | High | Yes | Arbitrary code execution | A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email... |
| CVE-2019-11703 | High | Yes | Arbitrary code execution | A flaw in Thunderbird's implementation of iCal before 60.7.1 causes a heap buffer overflow in parser_get_next_char when processing certain email messages,... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 14 Jun 2019 | ASA-201906-10 | thunderbird | multiple issues |
| References |
|---|
https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/ |