645812 – <mail-client/thunderbird{,-bin}-52.5.6: Security vulnerabilities: version bump

Bug 645812 - <mail-client/thunderbird{,-bin}-52.5.6: Security vulnerabilities: version bump

Summary: <mail-client/thunderbird{,-bin}-52.5.6: Security vulnerabilities: version bump

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://www.mozilla.org/en-US/securit...
Whiteboard:	B2 [glsa+]
Keywords:

Depends on:
Blocks:

Reported:	2018-01-26 15:43 UTC by Manfred Knick
Modified:	2018-03-28 18:25 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Manfred Knick 2018-01-26 15:43:28 UTC

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04/

Security vulnerabilities fixed in Thunderbird 52.6

Announced
    January 25, 2018
Impact
    critical
Products
    Thunderbird
Fixed in
        Thunderbird 52.6

In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts.

Comment 1 Frank Krömmelbein 2018-02-16 22:56:56 UTC

I think the software is now long enough in the tree, so could we please start the stabilization process? 
The bin package has already stable keywords.

Comment 2 GLSAMaker/CVETool Bot gentoo-dev

2018-03-28 18:25:16 UTC

This issue was resolved and addressed in
 GLSA 201803-14 at https://security.gentoo.org/glsa/201803-14
by GLSA coordinator Aaron Bauman (b-man).