diff options
Diffstat (limited to 'metadata/glsa/glsa-200610-01.xml')
-rw-r--r-- | metadata/glsa/glsa-200610-01.xml | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/metadata/glsa/glsa-200610-01.xml b/metadata/glsa/glsa-200610-01.xml new file mode 100644 index 000000000000..83855adedf0e --- /dev/null +++ b/metadata/glsa/glsa-200610-01.xml @@ -0,0 +1,82 @@ +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="200610-01"> + <title>Mozilla Thunderbird: Multiple vulnerabilities</title> + <synopsis> + The Mozilla Foundation has reported multiple security vulnerabilities + related to Mozilla Thunderbird. + </synopsis> + <product type="ebuild">thunderbird</product> + <announced>2006-10-04</announced> + <revised>2006-10-04: 01</revised> + <bug>147653</bug> + <access>remote</access> + <affected> + <package name="mail-client/mozilla-thunderbird" auto="yes" arch="*"> + <unaffected range="ge">1.5.0.7</unaffected> + <vulnerable range="lt">1.5.0.7</vulnerable> + </package> + <package name="mail-client/mozilla-thunderbird-bin" auto="yes" arch="*"> + <unaffected range="ge">1.5.0.7</unaffected> + <vulnerable range="lt">1.5.0.7</vulnerable> + </package> + </affected> + <background> + <p> + The Mozilla Thunderbird mail client is a redesign of the Mozilla Mail + component. + </p> + </background> + <description> + <p> + A number of vulnerabilities have been found and fixed in Mozilla + Thunderbird. For details please consult the references below. + </p> + </description> + <impact type="normal"> + <p> + The most severe vulnerabilities might lead to the execution of + arbitrary code with the rights of the user running the application. + Other vulnerabilities include program crashes and the acceptance of + forged certificates. + </p> + </impact> + <workaround> + <p> + There is no known workaround at this time. + </p> + </workaround> + <resolution> + <p> + All Mozilla Thunderbird users should upgrade to the latest version: + </p> + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-1.5.0.7"</code> + <p> + All Mozilla Thunderbird binary users should upgrade to the latest + version: + </p> + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-client/mozilla-thunderbird-bin-1.5.0.7"</code> + </resolution> + <references> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4253">CVE-2006-4253</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4340">CVE-2006-4340</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4565">CVE-2006-4565</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4566">CVE-2006-4566</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4567">CVE-2006-4567</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4570">CVE-2006-4570</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4571">CVE-2006-4571</uri> + </references> + <metadata tag="requester" timestamp="2006-09-28T19:46:25Z"> + vorlon078 + </metadata> + <metadata tag="bugReady" timestamp="2006-09-29T21:05:25Z"> + vorlon078 + </metadata> + <metadata tag="submitter" timestamp="2006-09-30T21:18:44Z"> + vorlon078 + </metadata> +</glsa> |