Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 341823 - mail-client/thunderbird{,bin}: Multiple Vulnerabilities (CVE-2010-{3173,3182,3170,3178,3177,3183,3180,3179,3176,3175,3174})
Summary: mail-client/thunderbird{,bin}: Multiple Vulnerabilities (CVE-2010-{3173,3182,...
Status: RESOLVED DUPLICATE of bug 341821
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
Whiteboard: A2 [ebuild]
Depends on:
Reported: 2010-10-19 22:20 UTC by Tim Sammut (RETIRED)
Modified: 2010-10-20 03:31 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Tim Sammut (RETIRED) gentoo-dev 2010-10-19 22:20:41 UTC
+++ This bug was initially created as a clone of Bug #341821 +++

Mozilla has released nine advisories affecting these packages.

MFSA 2010-72 CVE-2010-3173 Low
Insecure Diffie-Hellman key exchange

MFSA 2010-71 CVE-2010-3182 Critical
Unsafe library loading vulnerabilities

MFSA 2010-70 CVE-2010-3170 Moderate
SSL wildcard certificate matching IP addresses

MFSA 2010-69 CVE-2010-3178 High
Cross-site information disclosure via modal calls

MFSA 2010-68 CVE-2010-3177 High
XSS in gopher parser when parsing hrefs

MFSA 2010-67 CVE-2010-3183 Critical
Dangling pointer vulnerability in LookupGetterOrSetter

MFSA 2010-66 CVE-2010-3180 Critical
Use-after-free error in nsBarProp

MFSA 2010-65 CVE-2010-3179 Critical
Buffer overflow and memory corruption using document.write

MFSA 2010-64 CVE-2010-3176, CVE-2010-3175, CVE-2010-3174 Critical
Miscellaneous memory safety hazards (rv:
Comment 1 Jory A. Pratt gentoo-dev 2010-10-20 03:31:22 UTC

*** This bug has been marked as a duplicate of bug 341821 ***