Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 678072 (CVE-2018-18509, MFSA-2019-06) - <mail-client/thunderbird{,-bin}-60.5.1: multiple vulnerabilities (MFSA-2019-06,CVE-{2018-{18335, 18356, 18509}, 2019-5785})
Summary: <mail-client/thunderbird{,-bin}-60.5.1: multiple vulnerabilities (MFSA-2019-0...
Status: RESOLVED FIXED
Alias: CVE-2018-18509, MFSA-2019-06
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://www.mozilla.org/en-US/securit...
Whiteboard: B2 [glsa+ cleanup]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-02-15 14:49 UTC by Thomas Deutschmann
Modified: 2019-04-02 04:34 UTC (History)
1 user (show)

See Also:
Package list:
mail-client/thunderbird-60.5.1
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann gentoo-dev 2019-02-15 14:49:44 UTC
CVE-2018-18356: Use-after-free in Skia

Impact
    high

Description

A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash.


CVE-2019-5785: Integer overflow in Skia

Impact
    high

Description

An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash.


CVE-2018-18335: Buffer overflow in Skia with accelerated Canvas 2D

Impact
    high

Description

A buffer overflow vulnerability in the Skia library can occur with Canvas 2D acceleration on macOS. This issue was addressed by disabling Canvas 2D acceleration in Firefox ESR.
Note: this does not affect other versions and platforms where Canvas 2D acceleration is already disabled by default.


CVE-2018-18509: S/MIME signature spoofing

Impact
    high

Description

A flaw during verification of certain S/MIME signatures causes emails to be shown in Thunderbird as having a valid digital signature, even if the shown message contents aren't covered by the signature. The flaw allows an attacker to reuse a valid S/MIME signature to craft an email message with arbitrary content.
Comment 1 Thomas Deutschmann gentoo-dev 2019-02-15 18:22:05 UTC
x86 stable
Comment 2 Agostino Sarubbo gentoo-dev 2019-02-19 06:36:23 UTC
amd64 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 3 Larry the Git Cow gentoo-dev 2019-02-20 21:02:04 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa065e4f80e91585d0e1f45d9097405edb0c9737

commit aa065e4f80e91585d0e1f45d9097405edb0c9737
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2019-02-20 21:01:52 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2019-02-20 21:01:52 +0000

    mail-client/thunderbird-bin: security cleanup
    
    Bug: https://bugs.gentoo.org/678072
    Package-Manager: Portage-2.3.60, Repoman-2.3.12
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 mail-client/thunderbird-bin/Manifest               | 111 ------------
 .../thunderbird-bin-60.4.0-r1.ebuild               | 187 ---------------------
 .../thunderbird-bin/thunderbird-bin-60.5.0.ebuild  | 187 ---------------------
 3 files changed, 485 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7ed919f55c68dffbc87c79123478c9c61e7b73f

commit b7ed919f55c68dffbc87c79123478c9c61e7b73f
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2019-02-20 21:00:53 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2019-02-20 21:00:53 +0000

    mail-client/thunderbird: security cleanup
    
    Bug: https://bugs.gentoo.org/678072
    Package-Manager: Portage-2.3.60, Repoman-2.3.12
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 mail-client/thunderbird/Manifest                  | 110 -----
 mail-client/thunderbird/thunderbird-60.4.0.ebuild | 564 ----------------------
 mail-client/thunderbird/thunderbird-60.5.0.ebuild | 564 ----------------------
 3 files changed, 1238 deletions(-)
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2019-03-10 06:28:08 UTC
Maintainer(s), please drop the vulnerable version(s).
New GLSA Request filed.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2019-04-02 04:34:02 UTC
This issue was resolved and addressed in
 GLSA 201904-07 at https://security.gentoo.org/glsa/201904-07
by GLSA coordinator Aaron Bauman (b-man).