This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============6374661059304945906==
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="xtV9whDJ2vLR289muS13CwB2K4RQbjuE3"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--xtV9whDJ2vLR289muS13CwB2K4RQbjuE3
Content-Type: multipart/mixed; boundary="MJm5VWR5431woeNjlfD9Ka2TUPJiCt4wV"
From: Chris Coulson
Reply-To: Ubuntu Security
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID:
Subject: [USN-3165-1] Thunderbird vulnerabilities
--MJm5VWR5431woeNjlfD9Ka2TUPJiCt4wV
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
==========================================================================
Ubuntu Security Notice USN-3165-1
January 28, 2017
thunderbird vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in Thunderbird.
Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client
Details:
Multiple memory safety issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted message, an attacker could
potentially exploit these to cause a denial of service via application
crash, or execute arbitrary code. (CVE-2016-9893, CVE-2017-5373)
Andrew Krasichkov discovered that event handlers on
|