Test Kennung:	1.3.6.1.4.1.25623.1.0.883132
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for thunderbird CESA-2019:3756 centos6
Zusammenfassung:	The remote host is missing an update for the 'thunderbird'; package(s) announced via the CESA-2019:3756 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'thunderbird' package(s) announced via the CESA-2019:3756 advisory. Vulnerability Insight: Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.2.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'thunderbird' package(s) on CentOS 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-11757 https://security.gentoo.org/glsa/202003-10 https://usn.ubuntu.com/4335-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-11758 Common Vulnerability Exposure (CVE) ID: CVE-2019-11759 Common Vulnerability Exposure (CVE) ID: CVE-2019-11760 Common Vulnerability Exposure (CVE) ID: CVE-2019-11761 Common Vulnerability Exposure (CVE) ID: CVE-2019-11762 Common Vulnerability Exposure (CVE) ID: CVE-2019-11763 Common Vulnerability Exposure (CVE) ID: CVE-2019-11764 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1558522%2C1577061%2C1548044%2C1571223%2C1573048%2C1578933%2C1575217%2C1583684%2C1586845%2C1581950%2C1583463%2C1586599 Common Vulnerability Exposure (CVE) ID: CVE-2019-15903 Bugtraq: 20190917 [slackware-security] expat (SSA:2019-259-01) (Google Search) https://seclists.org/bugtraq/2019/Sep/30 Bugtraq: 20190923 [SECURITY] [DSA 4530-1] expat security update (Google Search) https://seclists.org/bugtraq/2019/Sep/37 Bugtraq: 20191021 [slackware-security] python (SSA:2019-293-01) (Google Search) https://seclists.org/bugtraq/2019/Oct/29 Bugtraq: 20191101 [SECURITY] [DSA 4549-1] firefox-esr security update (Google Search) https://seclists.org/bugtraq/2019/Nov/1 Bugtraq: 20191118 [SECURITY] [DSA 4571-1] thunderbird security update (Google Search) https://seclists.org/bugtraq/2019/Nov/24 Bugtraq: 20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra (Google Search) https://seclists.org/bugtraq/2019/Dec/23 Bugtraq: 20191211 APPLE-SA-2019-12-10-5 tvOS 13.3 (Google Search) https://seclists.org/bugtraq/2019/Dec/21 Bugtraq: 20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1 (Google Search) https://seclists.org/bugtraq/2019/Dec/17 https://github.com/libexpat/libexpat/issues/342 https://security.netapp.com/advisory/ntap-20190926-0004/ https://support.apple.com/kb/HT210785 https://support.apple.com/kb/HT210788 https://support.apple.com/kb/HT210789 https://support.apple.com/kb/HT210790 https://support.apple.com/kb/HT210793 https://support.apple.com/kb/HT210794 https://support.apple.com/kb/HT210795 Debian Security Information: DSA-4530 (Google Search) https://www.debian.org/security/2019/dsa-4530 Debian Security Information: DSA-4549 (Google Search) https://www.debian.org/security/2019/dsa-4549 Debian Security Information: DSA-4571 (Google Search) https://www.debian.org/security/2019/dsa-4571 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/ http://seclists.org/fulldisclosure/2019/Dec/23 http://seclists.org/fulldisclosure/2019/Dec/26 http://seclists.org/fulldisclosure/2019/Dec/27 http://seclists.org/fulldisclosure/2019/Dec/30 https://security.gentoo.org/glsa/201911-08 http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43 https://github.com/libexpat/libexpat/issues/317 https://github.com/libexpat/libexpat/pull/318 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html RedHat Security Advisories: RHSA-2019:3210 https://access.redhat.com/errata/RHSA-2019:3210 RedHat Security Advisories: RHSA-2019:3237 https://access.redhat.com/errata/RHSA-2019:3237 RedHat Security Advisories: RHSA-2019:3756 https://access.redhat.com/errata/RHSA-2019:3756 SuSE Security Announcement: openSUSE-SU-2019:2204 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html SuSE Security Announcement: openSUSE-SU-2019:2205 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html SuSE Security Announcement: openSUSE-SU-2019:2420 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html SuSE Security Announcement: openSUSE-SU-2019:2424 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html SuSE Security Announcement: openSUSE-SU-2019:2425 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html SuSE Security Announcement: openSUSE-SU-2019:2447 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html SuSE Security Announcement: openSUSE-SU-2019:2451 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html SuSE Security Announcement: openSUSE-SU-2019:2452 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html SuSE Security Announcement: openSUSE-SU-2019:2459 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html SuSE Security Announcement: openSUSE-SU-2019:2464 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html SuSE Security Announcement: openSUSE-SU-2020:0010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html https://usn.ubuntu.com/4132-1/ https://usn.ubuntu.com/4132-2/ https://usn.ubuntu.com/4165-1/ https://usn.ubuntu.com/4202-1/
Copyright	Copyright (C) 2019 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.