Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in thunderbird
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in thunderbird
ID: RHSA-2026:3517
Distribution: Red Hat
Plattformen: Red Hat Enterprise Linux AppStream (v. 10)
Datum: Di, 3. März 2026, 07:13
Referenzen: https://access.redhat.com/security/cve/CVE-2026-2771
https://access.redhat.com/security/cve/CVE-2026-2791
https://bugzilla.redhat.com/show_bug.cgi?id=2442331
https://access.redhat.com/security/cve/CVE-2026-2773
https://access.redhat.com/security/cve/CVE-2026-2793
https://bugzilla.redhat.com/show_bug.cgi?id=2442328
https://bugzilla.redhat.com/show_bug.cgi?id=2442337
https://bugzilla.redhat.com/show_bug.cgi?id=2442288
https://bugzilla.redhat.com/show_bug.cgi?id=2442313
https://access.redhat.com/security/cve/CVE-2026-2780
https://bugzilla.redhat.com/show_bug.cgi?id=2442304
https://bugzilla.redhat.com/show_bug.cgi?id=2442312
https://access.redhat.com/security/cve/CVE-2026-2768
https://access.redhat.com/security/cve/CVE-2026-2788
https://access.redhat.com/security/cve/CVE-2026-2792
https://access.redhat.com/security/cve/CVE-2026-2772
https://bugzilla.redhat.com/show_bug.cgi?id=2442292
https://access.redhat.com/security/cve/CVE-2026-2769
https://access.redhat.com/security/cve/CVE-2026-2789
https://access.redhat.com/security/cve/CVE-2026-2774
https://access.redhat.com/security/cve/CVE-2026-2760
https://bugzilla.redhat.com/show_bug.cgi?id=2442300
https://bugzilla.redhat.com/show_bug.cgi?id=2442287
https://bugzilla.redhat.com/show_bug.cgi?id=2442320
https://bugzilla.redhat.com/show_bug.cgi?id=2442284
https://bugzilla.redhat.com/show_bug.cgi?id=2442343
https://bugzilla.redhat.com/show_bug.cgi?id=2442334
https://bugzilla.redhat.com/show_bug.cgi?id=2442302
https://bugzilla.redhat.com/show_bug.cgi?id=2442297
https://bugzilla.redhat.com/show_bug.cgi?id=2442327
https://bugzilla.redhat.com/show_bug.cgi?id=2442324
https://bugzilla.redhat.com/show_bug.cgi?id=2442316
https://access.redhat.com/security/cve/CVE-2026-2775
https://access.redhat.com/security/cve/CVE-2026-2767
https://access.redhat.com/security/cve/CVE-2026-2787
https://access.redhat.com/security/cve/CVE-2026-2776
https://bugzilla.redhat.com/show_bug.cgi?id=2442309
https://access.redhat.com/security/cve/CVE-2026-2766
https://access.redhat.com/security/cve/CVE-2026-2757
https://access.redhat.com/security/cve/CVE-2026-2765
https://bugzilla.redhat.com/show_bug.cgi?id=2442322
https://bugzilla.redhat.com/show_bug.cgi?id=2442335
https://bugzilla.redhat.com/show_bug.cgi?id=2442295
https://bugzilla.redhat.com/show_bug.cgi?id=2442333
https://bugzilla.redhat.com/show_bug.cgi?id=2442294
https://bugzilla.redhat.com/show_bug.cgi?id=2442326
https://access.redhat.com/security/cve/CVE-2026-2447
https://access.redhat.com/security/cve/CVE-2026-2786
https://access.redhat.com/security/cve/CVE-2026-2777
https://access.redhat.com/errata/RHSA-2026:3517
https://access.redhat.com/security/cve/CVE-2026-2785
https://bugzilla.redhat.com/show_bug.cgi?id=2442307
https://access.redhat.com/security/cve/CVE-2026-2783
https://access.redhat.com/security/cve/CVE-2026-2781
https://access.redhat.com/security/cve/CVE-2026-2758
https://bugzilla.redhat.com/show_bug.cgi?id=2442290
https://bugzilla.redhat.com/show_bug.cgi?id=2442308
https://access.redhat.com/security/cve/CVE-2026-2762
https://bugzilla.redhat.com/show_bug.cgi?id=2442291
https://bugzilla.redhat.com/show_bug.cgi?id=2442319
https://access.redhat.com/security/cve/CVE-2026-2759
https://bugzilla.redhat.com/show_bug.cgi?id=2442325
https://access.redhat.com/security/cve/CVE-2026-2770
https://access.redhat.com/security/cve/CVE-2026-2790
https://access.redhat.com/security/cve/CVE-2026-2764
https://bugzilla.redhat.com/show_bug.cgi?id=2440219
https://bugzilla.redhat.com/show_bug.cgi?id=2442298
https://access.redhat.com/security/cve/CVE-2026-2778
https://access.redhat.com/security/cve/CVE-2026-2761
https://bugzilla.redhat.com/show_bug.cgi?id=2442318
https://bugzilla.redhat.com/show_bug.cgi?id=2442342
https://bugzilla.redhat.com/show_bug.cgi?id=2442329
https://access.redhat.com/security/cve/CVE-2026-2763
https://access.redhat.com/security/cve/CVE-2026-2784
https://bugzilla.redhat.com/show_bug.cgi?id=2442314
https://access.redhat.com/security/cve/CVE-2026-2779
https://access.redhat.com/security/cve/CVE-2026-2782
Applikationen: Mozilla Thunderbird

Originalnachricht

 
An update for thunderbird is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of
 Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

* libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)

* firefox: Invalid pointer in the JavaScript Engine component (CVE-2026-2785)

* firefox: Memory safety bugs fixed in Firefox ESR 115.33, Firefox ESR 140.8,
 Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148 (CVE-2026-2793)

* firefox: Undefined behavior in the DOM: Core & HTML component
 (CVE-2026-2771)

* firefox: Integer overflow in the Audio/Video component (CVE-2026-2774)

* firefox: Sandbox escape due to incorrect boundary conditions in the Telemetry
 component in External Software (CVE-2026-2776)

* firefox: Integer overflow in the Libraries component in NSS (CVE-2026-2781)

* firefox: Use-after-free in the JavaScript Engine: JIT component
 (CVE-2026-2766)

* firefox: Use-after-free in the Storage: IndexedDB component (CVE-2026-2769)

* firefox: Use-after-free in the DOM: Window and Location component
 (CVE-2026-2787)

* firefox: Sandbox escape in the Storage: IndexedDB component (CVE-2026-2768)

* firefox: Information disclosure due to JIT miscompilation in the JavaScript
 Engine: JIT component (CVE-2026-2783)

* firefox: Incorrect boundary conditions in the Audio/Video: GMP component
 (CVE-2026-2788)

* firefox: Mitigation bypass in the DOM: Security component (CVE-2026-2784)

* firefox: Incorrect boundary conditions in the Graphics: ImageLib component
 (CVE-2026-2759)

* firefox: Integer overflow in the JavaScript: Standard Library component
 (CVE-2026-2762)

* firefox: Sandbox escape in the Graphics: WebRender component (CVE-2026-2761)

* firefox: Privilege escalation in the Messaging System component
 (CVE-2026-2777)

* firefox: Same-origin policy bypass in the Networking: JAR component
 (CVE-2026-2790)

* firefox: Mitigation bypass in the DOM: HTML Parser component (CVE-2026-2775)

* firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2763)

* firefox: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR
 140.8, Firefox 148 and Thunderbird 148 (CVE-2026-2792)

* firefox: Incorrect boundary conditions in the Web Audio component
 (CVE-2026-2773)

* firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2786)

* firefox: Use-after-free in the Graphics: ImageLib component (CVE-2026-2789)

* firefox: thunderbird: Incorrect boundary conditions in the WebRTC:
 Audio/Video component (CVE-2026-2757)

* firefox: Sandbox escape due to incorrect boundary conditions in the Graphics:
 WebRender component (CVE-2026-2760)

* firefox: Use-after-free in the Audio/Video: Playback component
 (CVE-2026-2772)

* firefox: Incorrect boundary conditions in the Networking: JAR component
 (CVE-2026-2779)

* firefox: Use-after-free in the JavaScript: WebAssembly component
 (CVE-2026-2767)

* firefox: JIT miscompilation, use-after-free in the JavaScript Engine: JIT
 component (CVE-2026-2764)

* firefox: Privilege escalation in the Netmonitor component (CVE-2026-2782)

* firefox: Use-after-free in the JavaScript Engine component (CVE-2026-2765)

* firefox: Privilege escalation in the Netmonitor component (CVE-2026-2780)

* firefox: Sandbox escape due to incorrect boundary conditions in the DOM: Core
 & HTML component (CVE-2026-2778)

* firefox: Use-after-free in the JavaScript: GC component (CVE-2026-2758)

* firefox: Mitigation bypass in the Networking: Cache component (CVE-2026-2791)

* firefox: Use-after-free in the DOM: Bindings (WebIDL) component
 (CVE-2026-2770)

For more details about the security issue(s), including the impact, a CVSS
 score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2026-2447
CVE-2026-2757
CVE-2026-2758
CVE-2026-2759
CVE-2026-2760
CVE-2026-2761
CVE-2026-2762
CVE-2026-2763
CVE-2026-2764
CVE-2026-2765
CVE-2026-2766
CVE-2026-2767
CVE-2026-2768
CVE-2026-2769
CVE-2026-2770
CVE-2026-2771
CVE-2026-2772
CVE-2026-2773
CVE-2026-2774
CVE-2026-2775
CVE-2026-2776
CVE-2026-2777
CVE-2026-2778
CVE-2026-2779
CVE-2026-2780
CVE-2026-2781
CVE-2026-2782
CVE-2026-2783
CVE-2026-2784
CVE-2026-2785
CVE-2026-2786
CVE-2026-2787
CVE-2026-2788
CVE-2026-2789
CVE-2026-2790
CVE-2026-2791
CVE-2026-2792
CVE-2026-2793
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung