Date: Thu, 28 Feb 2008 22:25:13 GMT From: Gary Palmer <gpalmer@FreeBSD.org> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/121189: mail/thunderbird needs updating to address security issues Message-ID: <200802282225.m1SMPDgx069177@www.freebsd.org> Resent-Message-ID: <200802282230.m1SMU7CV090604@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 121189 >Category: ports >Synopsis: mail/thunderbird needs updating to address security issues >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Thu Feb 28 22:30:07 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Gary Palmer >Release: n/a >Organization: >Environment: n/a >Description: The following security issues are fixed in Thunderbird 2.0.0.12 MFSA 2008-12 Heap buffer overflow in external MIME bodies MFSA 2008-07 Possible information disclosure in BMP decoder MFSA 2008-05 Directory traversal via chrome: URI MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12) >How-To-Repeat: cd /usr/ports/mail/thunderbird grep DISTVERSION Makefile >Fix: Untested patch attached >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802282225.m1SMPDgx069177>