ROSA Linux Bugzilla – Bug 6273
[UPGRADE REQUEST] firefox-esr, thunderbird and seamonkey outdated
Last modified: 2016-03-17 11:46:27 MSK
need fix bugs and vulnerabilities
firefox-esr-24.8.0-1-rosa2014.1.x86_64 outdated, should be upgraded to 38.3
mozilla-thunderbird-38.2.0-1-rosa2014.1.x86_64 outdated, should be upgraded to 38.3
seamonkey-2.26.1-1-rosa2014.1.x86_64 outdated, should be upgraded to 2.38
Escalation. FireFox ESR is a security risk and should be updated to 38.4.
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Thunderbird to crash or,
potentially, execute arbitrary code with the privileges of the user running
Thunderbird (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960,
CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966).
Multiple security flaws were found in the graphite2 font library shipped
with Thunderbird. A web page containing malicious content could cause it
to crash or, potentially, execute arbitrary code with the privileges of the
user running Thunderbird (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,
CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,
CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,
Opening a new bug for these new issues.