ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).

Skip to content

Open Issue created Jul 22, 2023 by **Richard Laager@rlaager**Maintainer

**segfault in libcrypto.so**

A Debian bug was filed regarding a crash in NTPsec 1.2.2.

His ntp.conf is the (Debian) stock ntp.conf. With comments removed, it is:

    driftfile /var/lib/ntpsec/ntp.drift
    leapfile /usr/share/zoneinfo/leap-seconds.list
    tos maxclock 11
    tos minclock 4 minsane 3
    pool 0.debian.pool.ntp.org iburst
    pool 1.debian.pool.ntp.org iburst
    pool 2.debian.pool.ntp.org iburst
    pool 3.debian.pool.ntp.org iburst
    restrict default kod nomodify nopeer noquery limited
    restrict 127.0.0.1
    restrict ::1

The ntpsec version of ntpd starts as expected, but randomly crashes in a few hours. It reports the following information to the kern.log file:

    2023-06-17T01:12:52.873519+00:00 karita kernel: [258683.650167] ntpd[23269]: segfault at 10 ip 00007f6d3ece0ab3 sp 00007ffc9c364830 error 4 in libcrypto.so.3[7f6d3ecc5000+278000] likely on CPU 1 (core 0, socket 1)
    2023-06-17T01:12:52.873554+00:00 karita kernel: [258683.650185] Code: 1f 84 00 00 00 00 00 48 83 ec 08 48 c7 c0 ff ff ff ff 48 85 ff 0f 84 63 04 00 00 48 85 d2 0f 84 5a 04 00 00 41 ba 00 08 00 10 <0f> 10 07 0f 57 e4 44 23 15 e4 fa 39 00 48 8d 42 10 81 fe 00 01 00

Here's a backtrace from the latest ntpsec coredump.

    root@karita:/var/lib/systemd/coredump# export
    DEBUGINFOD_URLS="https://debuginfod.debian.net"
    root@karita:/var/lib/systemd/coredump# coredumpctl debug                
                      PID: 61726 (ntpd)
               UID: 110 (ntpsec)
               GID: 117 (ntpsec)
            Signal: 11 (SEGV)
         Timestamp: Fri 2023-06-30 02:33:27 UTC (59min ago)
      Command Line: /usr/sbin/ntpd -p /run/ntpd.pid -c /etc/ntpsec/ntp.conf
    -g -N -u ntpsec:ntpsec
        Executable: /usr/sbin/ntpd
     Control Group: /system.slice/ntpsec.service
              Unit: ntpsec.service
             Slice: system.slice
           Boot ID: 0e943a6b0cfe4fdd9e032c3d91c9d58d
        Machine ID: 0e50b80b858599a4a8aa8383662e5bb4
          Hostname: karita
           Storage:
    /var/lib/systemd/coredump/core.ntpd.110.0e943a6b0cfe4fdd9e032c3d91c9d58d.61726.1688092407000000.zst
    (present)
      Size on Disk: 775.6K
           Message: Process 61726 (ntpd) of user 110 dumped core.
    
                    Module libnss_systemd.so.2 from deb
    systemd-252.6-1.amd64
                    Stack trace of thread 61726:
                    #0  0x00007f280d4e0ab3 aesni_set_encrypt_key
    (libcrypto.so.3 + 0xe0ab3)
                    #1  0x00007f280d6f3d45 cipher_hw_aesni_initkey
    (libcrypto.so.3 + 0x2f3d45)
                    #2  0x00007f280d7397fb cipher_generic_init_internal
    (libcrypto.so.3 + 0x3397fb)
                    #3  0x00007f280d7398cb ossl_cipher_generic_einit
    (libcrypto.so.3 + 0x3398cb)
                    #4  0x00007f280d60993b EVP_CipherInit_ex (libcrypto.so.3
    + 0x20993b)
                    #5  0x0000560b2e1246f3 AES_SIV_Init (ntpd + 0x4c6f3)
                    #6  0x0000560b2e1255df AES_SIV_Decrypt (ntpd + 0x4d5df)
                    #7  0x0000560b2e10f40d nts_unpack_cookie (ntpd +
    0x3740d)
                    #8  0x0000560b2e10f85b extens_server_recv (ntpd +
    0x3785b)
                    #9  0x0000560b2e0f78ce receive (ntpd + 0x1f8ce)
                    #10 0x0000560b2e0ed8ea read_network_packet (ntpd +
    0x158ea)
                    #11 0x0000560b2e0ef3cf input_handler (ntpd + 0x173cf)
                    #12 0x0000560b2e0e819f mainloop (ntpd + 0x1019f)
                    #13 0x00007f280d16718a __libc_start_call_main (libc.so.6
    + 0x2718a)
                    #14 0x00007f280d167245 __libc_start_main_impl (libc.so.6
    + 0x27245)
                    #15 0x0000560b2e0e84e1 _start (ntpd + 0x104e1)
                    ELF object binary architecture: AMD x86-64
    
    GNU gdb (Debian 13.1-3) 13.1
    Copyright (C) 2023 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later
    <http://gnu.org/licenses/gpl.html>
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.
    Type "show copying" and "show warranty" for details.
    This GDB was configured as "x86_64-linux-gnu".
    Type "show configuration" for configuration details.
    For bug reporting instructions, please see:
    <https://www.gnu.org/software/gdb/bugs/>.
    Find the GDB manual and other documentation resources online at:
        <http://www.gnu.org/software/gdb/documentation/>.
    
    For help, type "help".
    Type "apropos word" to search for commands related to "word"...
    Reading symbols from /usr/sbin/ntpd...
    Reading symbols from
    /usr/lib/debug/.build-id/8b/c6f9398efb6b8c446b2d719831f5738d563c84.debug...
    [New LWP 61726]
    
    This GDB supports auto-downloading debuginfo from the following URLs:
      <https://debuginfod.debian.net>
    Enable debuginfod for this session? (y or [n]) y
    Debuginfod has been enabled.
    To make this setting permanent, add 'set debuginfod enabled on' to
    .gdbinit.
    Downloading separate debug info for
    /lib/x86_64-linux-gnu/libnss_systemd.so.2
    Downloading separate debug info for /lib/x86_64-linux-gnu/libgcc_s.so.1
    Downloading separate debug info for system-supplied DSO at
    0x7ffc94772000
    [Thread debugging using libthread_db enabled]
    Using host libthread_db library
    "/lib/x86_64-linux-gnu/libthread_db.so.1".
    Core was generated by `/usr/sbin/ntpd -p /run/ntpd.pid -c
    /etc/ntpsec/ntp.conf -g -N -u ntpsec:ntpsec'.
    Program terminated with signal SIGSEGV, Segmentation fault.
    #0  aesni_set_encrypt_key () at crypto/aes/aesni-x86_64.s:4104
    Download failed: Invalid argument.  Continuing without source file
    ./build_shared/crypto/aes/aesni-x86_64.s.
    4104    crypto/aes/aesni-x86_64.s: No such file or directory.
    (gdb) bt
    #0  aesni_set_encrypt_key () at crypto/aes/aesni-x86_64.s:4104
    #1  0x00007f280d6f3d45 in cipher_hw_aesni_initkey (dat=0x560b2f082b50,
        key=<optimized out>, keylen=<optimized out>)
        at ../providers/implementations/ciphers/cipher_aes_hw_aesni.inc:37
    #2  0x00007f280d7397fb in cipher_generic_init_internal
    (ctx=0x560b2f082b50,
        key=0x10 <error: Cannot access memory at address 0x10>, keylen=16,
    iv=0x0,
        ivlen=0, params=0x0, enc=1)
        at ../providers/implementations/ciphers/ciphercommon.c:218
    #3  0x00007f280d7398cb in ossl_cipher_generic_einit (vctx=<optimized
    out>,
        key=<optimized out>, keylen=<optimized out>, iv=<optimized out>,
        ivlen=<optimized out>, params=<optimized out>)
        at ../providers/implementations/ciphers/ciphercommon.c:228
    #4  0x00007f280d60993b in EVP_CipherInit_ex (ctx=<optimized out>,
        cipher=<optimized out>, impl=impl@entry=0x0, key=<optimized out>,
        iv=iv@entry=0x0, enc=enc@entry=1) at ../crypto/evp/evp_enc.c:412
    #5  0x00007f280d60995b in EVP_EncryptInit_ex (ctx=<optimized out>,
        cipher=<optimized out>, impl=impl@entry=0x0, key=<optimized out>,
        iv=iv@entry=0x0) at ../crypto/evp/evp_enc.c:450
    #6  0x0000560b2e1246f3 in AES_SIV_Init (ctx=ctx@entry=0x560b2f01e5b0,
        key=key@entry=0x0, key_len=<optimized out>)
        at ../../libaes_siv/aes_siv.c:329
    #7  0x0000560b2e1255df in AES_SIV_Decrypt (ctx=0x560b2f01e5b0,
        out=out@entry=0x7ffc94695850 "\001",
    out_len=out_len@entry=0x7ffc94695848,
        key=key@entry=0x0, key_len=<optimized out>,
        nonce=nonce@entry=0x560b2ef65364
    "t\347CoA\av\236TA\022\200xge\270r\302\027\020\234\215\262\210\rv\324wtM벧\264\230pC\356@4:\336g",
    nonce_len=16,
        ciphertext=0x560b2ef65374
    "r\302\027\020\234\215\262\210\rv\324wtM벧\264\230pC\356@4:\336g",
    ciphertext_len=80, ad=0x560b2ef65360 "", ad_len=20)
        at ../../libaes_siv/aes_siv.c:582
    #8  0x0000560b2e10f40d in nts_unpack_cookie (cookie=0x560b2ef65360 "",
        cookielen=100, aead=aead@entry=0x7ffc94695962,
        c2s=c2s@entry=0x560b2ef663e8 "", s2c=s2c@entry=0x560b2ef66428 "",
        keylen=keylen@entry=0x560b2ef663e4) at ../../ntpd/nts_cookie.c:428
    #9  0x0000560b2e10f85b in extens_server_recv (
        ntspacket=ntspacket@entry=0x560b2ef66394,
        pkt=pkt@entry=0x560b2ef65308 "#", lng=<optimized out>)
        at ../../ntpd/nts_extens.c:182
    #10 0x0000560b2e0f78ce in receive (rbufp=rbufp@entry=0x560b2ef652c0)
        at ../../ntpd/ntp_proto.c:800
    #11 0x0000560b2e0ed8ea in read_network_packet (fd=fd@entry=19,
        itf=itf@entry=0x560b2ef6de60) at ../../ntpd/ntp_io.c:2243
    #12 0x0000560b2e0ef3cf in input_handler (fds=0x7ffc94696bf0)
        at ../../ntpd/ntp_io.c:2373
    #13 io_handler () at ../../ntpd/ntp_io.c:2280
    #14 0x0000560b2e0e819f in mainloop () at ../../ntpd/ntpd.c:940
    #15 main (argc=9, argv=<optimized out>) at ../../ntpd/ntpd.c:881
    (gdb)

Edited Jul 22, 2023 by James Browning

CVE-2023-4012: segfault in libcrypto.so (#794) · Issues · NTPsec / ntpsec · GitLab

Red Hat Security Advisory 2023-4497-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4497-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4497  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
thunderbird-102.14.0-1.el8_8.src.rpm

aarch64:  
thunderbird-102.14.0-1.el8_8.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_8.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el8_8.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_8.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_8.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_8.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el8_8.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el8_8.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el8_8.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el8_8.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_8.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P2HAAoJENzjgjWX9erEiwgP/jUVVVd6QD4VPf1CzYuBBR4b  
z9soz0fFRJmKlULKr/TSJhEJ0HAU1vRHbOT2pEc/vQicwoWnpj3qRzUPJ2q0woCV  
m2wfGonzJ17hJNDdukXweN9Zu4PvmwD+fBgseCmdhd2qtK0r1IryoxqVA1L0kE8B  
Z9fKu9gUqjDqNM0ybltIDCKrSex2Im8sKEFX4/mC4qWOP30N6fF/UeCo4bw7LaLD  
TuLhDL15lGQQGaGlOp/W45siYNl+4ZQjYV315EL6hquSM/rdRmB4xs+AoxvlqSy8  
et74pq4Nt2OzSysOkk2ZGE76schOq1VAlaJ5pgPwTcp5+L4Hv2l48w+V8KMwoHpZ  
BdvuGqosLbugeHadAHsbKXPCvhTeZZ+Y/LfI15UwLWkJOoe0EVyUyyWUgwJYoFcA  
unSOkt43Gm//jzUxF5RFqwMRp3CqHxcWm9JtSiSm5g8AHvkpmEWam6KcDQLqsBDG  
JfxqPCz0abFoTNXyHTLAygGv57LL4xA8GfjMQdhdk+jBIFwaXmIxsPT4S/rFirCL  
LSgsf4RWr8vFQrzBSfdNI0BOswRU4ZhfqdBhOa+0tUeauDdXcDMJNmPaa+L2BZ0A  
O4WYqQShvqCBBlwtXDTa0favo89GZyn8q5qo3ddZHKgC6ukWxj1DFa8/UDQqARRm  
eZgizToOWRA/4FlUZ8q4  
=LPkR  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4497-01

Red Hat Security Advisory 2023-4499-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4499-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4499  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
thunderbird-102.14.0-1.el9_2.src.rpm

aarch64:  
thunderbird-102.14.0-1.el9_2.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el9_2.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el9_2.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el9_2.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el9_2.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el9_2.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el9_2.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el9_2.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el9_2.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el9_2.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el9_2.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P3BAAoJENzjgjWX9erEI4AP/isP37SsYX3PZky9trAcT0vI  
5aGzgYCUr6ioqhynQpyPmKH7tKTnfpeq0jYJHzMWM62LjEYfX76yHiIbAiaV6pRy  
Oy3aPt7sSJzN+/emLuoRF4apWLelHC3T32RexGMvVcnU7lcWNfZ7L24LiogPt4GA  
6/Q7/YQheLIveSM465UX6dp8J7wRZARl6rmK6jO7lquAupSAYY48jhl21NT5E3D+  
0g5ssrjnbitqlt0n59bM/AOaVXC1p9GcS+4EFU2Ma1EbcMrxoImKrvClgl6lEHZq  
lZiQFYXnR7MMTvk5vRO0q5NVp9dpIfhB4T1BpokQ0VQe30zJHGNMxGREqj1dBGZ3  
xtqVgBx7nA+eCdLrjsm+sNvVNJzXCjRpYfYzddgsc4QFBjTUqwveJIr6AKiSZBc4  
ffS61Ehtjr/kYpj/60HZjsrUGaTAlTaCCMibIqfsYa/U+lu7B6IdqOhDkJUhEJcl  
LAYjXmn65n/ADEDPXACgxO52i421XpAjCeTecrGufJ2Q4KnXz0jHZgutmPlbZ999  
b3kRjmIi3Lh7WGR1MTokMKl+yGOy+pLGTBxN5cF0CFmiZhMZJA2LhrOlyS4Vy5J9  
YzukpCDceJKfkEZ2ztjAcLy0pDUqoYfWjjpcdwMSs33pOPMwwY+SECFtbE0x6b7M  
t3ds500K/3QX0KLYhoFf  
=y9y0  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4499-01

Red Hat Security Advisory 2023-4500-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4500-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4500  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4  
Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4  
Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update  
Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v.8.4) - x86_64  
Red Hat Enterprise Linux AppStream E4S (v.8.4) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream TUS (v.8.4) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v.8.4):

Source:  
thunderbird-102.14.0-1.el8_4.src.rpm

x86_64:  
thunderbird-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v.8.4):

Source:  
thunderbird-102.14.0-1.el8_4.src.rpm

aarch64:  
thunderbird-102.14.0-1.el8_4.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_4.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el8_4.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v.8.4):

Source:  
thunderbird-102.14.0-1.el8_4.src.rpm

aarch64:  
thunderbird-102.14.0-1.el8_4.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_4.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el8_4.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_4.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P3gAAoJENzjgjWX9erEeH0P/1M0cfMSwsEYmKb2lAnc4XuD  
LBA+/ACSx0pmBMqAoG6KMGyv9pLGL4afyTkuUdwrqebX++yxZFK/EZCMa5/vrQei  
NRNx0sCjAdqVlCbqosM5QJUPkHWvt1vLLttJFkbPwDeA/N5/6zOkrjQUNXwH5bOZ  
qUsWXVfJQra6PHQ1wQa5UrrjdPD3eaZkpwKyDNek41bRMcCYRPS10HKeTBj0rWfQ  
bXAGieb7zO3O3EqvJMZ7G21MV80r27Hip+ydP07sJVxz3Za/i/cGtyHzU9Kp0xMp  
7SUkc+LMksNcNCw1/o6yhZdTdRyMgGwEriP0hT9sy7OKHyV3yvkZAQ1OpIINOZ1m  
6H/yFDy18Uhg3mj4LoO72M4VmJAoL9Zd6LjC89mNmWuGXD/TTlHrnBSATz+W3mBA  
ZKZAN+xByw31s/Q1CMsIU/t+VpJev3EIOCrIAkf3jIq4yUb04AShlJk4JAmCNmW8  
xuUQne6bfAw4lZiDqx/JyaV6pulqmGAPFOU2klZNO0EByzv5yeoC8A17oEYzahQq  
EvJDhg8/fTDHxZwtQm0OupZQY9CvfQaxaCz5OJrH43rQnfK8mDWrEW4IkZz4fLNo  
Nn4U+x4kNTMj7T0RSdewWD4qyS3juWeTXRSkSCyv1ksVpGtQWG2AJh7dypCHg51X  
07ioqq8PHwK2s5ytPmja  
=MOUN  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4500-01

Red Hat Security Advisory 2023-4495-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4495-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4495  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64  
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, x86_64  
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:  
thunderbird-102.14.0-1.el7_9.src.rpm

x86_64:  
thunderbird-102.14.0-1.el7_9.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:  
thunderbird-102.14.0-1.el7_9.src.rpm

ppc64le:  
thunderbird-102.14.0-1.el7_9.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el7_9.ppc64le.rpm

x86_64:  
thunderbird-102.14.0-1.el7_9.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:  
thunderbird-102.14.0-1.el7_9.src.rpm

x86_64:  
thunderbird-102.14.0-1.el7_9.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P3OAAoJENzjgjWX9erE5HkP/3wf0pb7J7dMsEry7Mx8rX6I  
KD+WC4r2CodrRi2uh3rdjYeey2z+Z7geo+62+QpnNXKD29wiKAt46tk0mDOrRi/h  
vMuyN+eZ+XiWjRIfipkViCYOG0fXSG5e4IekdFTkv/ju/eovevbujd9V4LVlE9ha  
FWO3nGn1d0qJgUxdmbkHNFIvQefzjj7VhOTXLRS/ouIQqXUiQ42qowA8udjghQHA  
BTcTMNjmcEPVJi/M6xiBsdv+o0CH+S4rzSCHDOEo+494okHsl8hAedVonjJATD5A  
dfyPfU4xnrp13K2uPfcPn3aqWgDx2taJDm5qxfYt/ww9qmrq+mmWz3dzeTGpt49m  
DZqm1fFFf/VreIH6+cUEWRhGvswf/dzUprqDEkhpN1oXT7EPyB1F7IWfJvLMV6j0  
JfguoPIoe1MwO5e34gdTzMiXDkfKPq34w6W1xofqZdoezqYSAYMhsfkBDq2JCCFm  
t4wLd52UlRR/d1s6pfdj02uuWS0cxY2jfXMgIgb2OMtoBfo98iaChpb4OdWf8BT3  
K68mV9HjR4QITvdYDAhwViBSNh6ccnPfZVR6vjNneXvyJa1YeE2/+IutbIsgkUnV  
DYfdoQiMTUFQuv1lX/IjNPKdKBHrEnyRQ6XOFrHWeZ54NMuhKuQGPe6I1NzbD8f5  
rkxpStOKC0QaSIf4zW6q  
=uGal  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4495-01

Red Hat Security Advisory 2023-4496-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4496-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4496  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2  
Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications  
Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP  
Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream AUS (v. 8.2) - x86_64  
Red Hat Enterprise Linux AppStream E4S (v. 8.2) - ppc64le, x86_64  
Red Hat Enterprise Linux AppStream TUS (v. 8.2) - x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream AUS (v. 8.2):

Source:  
thunderbird-102.14.0-1.el8_2.src.rpm

x86_64:  
thunderbird-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream E4S (v. 8.2):

Source:  
thunderbird-102.14.0-1.el8_2.src.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_2.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_2.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_2.ppc64le.rpm

x86_64:  
thunderbird-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_2.x86_64.rpm

Red Hat Enterprise Linux AppStream TUS (v. 8.2):

Source:  
thunderbird-102.14.0-1.el8_2.src.rpm

x86_64:  
thunderbird-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_2.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P3zAAoJENzjgjWX9erEHuMQAJzYbHSO64RfCUKDP5BDcbcm  
NDW620nj10HjbuQdRWML0i7ClLXI7M5M/qhVGtF1tNOPNIqGLzt0xZwB1WF6Ub49  
0ASHMkWvBgg5r+4Xbg9DyD9aYAd2FzbyI7CLm2XGOfABGSbsFHr4SOCVj5xMkm66  
/rZ/lASvu+ofrWtj6HpHQBvzUB21purp/r6EwhS85FxesYJ+L3v+OsFLbTU6XiHN  
4fD23mc7paLerfU3mcKCT4PaxjzHA3qefTyFZrdqP60DV0ceCQ3Ft4VZ88eZREFW  
Uc04aopQfqPGRjYC3W4ndjiNUTcDmbu/hVLSA0Cw21MlEC/oKmXKsHcR8qT6F06T  
F0NrDvpZiwi88ir1QdldP+HmzQSvhGSgeEC0eegEuUHwmFvOIEWh9qoOGlglQp1k  
Yb3SSgPB6ybLBQmE3pSJsO11FCtTUeMqeQit+3OnAjbbhTEUcVYNfuSX/z+FVBMQ  
29WeprIk2Bpwh/g93L3VZ0D/Hg6IyCc4UadPqAsErDHxOAll+g9lIke00S0oRvX8  
+i4GkxYZBrppmIFc+rIAvFMLXch5CY5K1sqh7R5xjCJFg7h2mX4KGhDFfksipIUh  
rwlL3qQNij5Osgud89wUaARog64GawcSu4BIZZ4Ft8NAD7/GLObaAO0pJZiU5/Vj  
Ff/VoBLCkmuFuRCE3VxK  
=s8Mp  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4496-01

Red Hat Security Advisory 2023-4493-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4493-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4493  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.6) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.6):

Source:  
thunderbird-102.14.0-1.el8_6.src.rpm

aarch64:  
thunderbird-102.14.0-1.el8_6.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_6.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el8_6.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_6.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_6.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_6.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el8_6.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el8_6.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el8_6.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el8_6.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_6.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P2fAAoJENzjgjWX9erE2ygP/2TMRR/93qYrshHSYXzFutcE  
V1F7HrYAl0M/VfIgDLIITQPCBrgYMrvt72yjf4Pn/FswH3N2oxwPYw8qEhhO2Z0I  
oQrDEKH0Pkxrku3Ssm6s3uRSVdFNewpWHasT8y9+rk7eBHyvGG+Cn0j4DoZhntI0  
PeCUqaoXaP+lWDFda4YQMcZj6+NnhHU5tyxUi/Fd+PoQnmkTeNtXHPJ7G5RkywZD  
lCS9fH72N/booPgxSq/0G086MWFbFUhAJFzbGBQ4NnDwXQ4MX1vfPjh/lMYUvA/s  
zq9ykCXfE17U2AH7YHb/l3I5gP0oS4wMrFqdqO+NgUAn+eljuI55qrlxxWHfv8qY  
95BDhEg72Hu1MMb0ictyOtSTa1d2WmPrTcB//IC1kS9cJ5cCBXm2YyNv5oGe+UdP  
COX70ifq3ZB9mBCI0V0vnPe1KLzW9ocl2HtS2xo4dSqkInED1JjYlAuO5lRq5r6u  
2dwM9N/cC5VGufGxcYcTLv6fH1BLWM77S38pOkUEhx/xBTxQtzWQEmaf9uM5jAly  
5BNH0r9pHMiXA9ShNGuZb1kyU1rvJjwRYN+IFxg7M7t+LwoXZ4Tkc268CnV5GfWZ  
bbycubepNz7m2KksZZddOj+uu8p/lSC71m8fsxcSYRURCE7hHzhdg3OPPdktJ2eu  
eMpVOF9NJr8siFLgq0+C  
=emMd  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4493-01

Red Hat Security Advisory 2023-4494-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4494-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4494  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.9.0):

Source:  
thunderbird-102.14.0-1.el9_0.src.rpm

aarch64:  
thunderbird-102.14.0-1.el9_0.aarch64.rpm  
thunderbird-debuginfo-102.14.0-1.el9_0.aarch64.rpm  
thunderbird-debugsource-102.14.0-1.el9_0.aarch64.rpm

ppc64le:  
thunderbird-102.14.0-1.el9_0.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el9_0.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el9_0.ppc64le.rpm

s390x:  
thunderbird-102.14.0-1.el9_0.s390x.rpm  
thunderbird-debuginfo-102.14.0-1.el9_0.s390x.rpm  
thunderbird-debugsource-102.14.0-1.el9_0.s390x.rpm

x86_64:  
thunderbird-102.14.0-1.el9_0.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el9_0.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P2tAAoJENzjgjWX9erE8R4QAJUHVxuPB6Nwx+WzZrKzaUmd  
fqnRB2xQXrFEZAjgYUTo1a2DmCHdVNw320G2KacahiOcsz5f1Kh+/HgwTFVc5at/  
d8aRECut6OHxBKsCigohCMtKAVIyzIORAQfVei0cn+9vcDAYxFhaf0zGU7+y4AJv  
S/WiyDU9kpWzAPCmYgZDfQ6jQlZEI7IbdHaBtPm06JMdmmklm+pK02Lb9spBimTz  
0nnAGgURcUsCDzCGBJO/7wAnVkCvD2tVHqD7aQ9x7DKW71fQqhMBJ9xxs7gXOXVe  
j8r8CEIUliGzqeuIgE+mm4DzrVxpRcwqxpc5tdKBXaBy5Pr0YxZe0Ho96sDk02j6  
AL/Be4H1o6phpl6AlpvNrwPOO5l2mFJjchwvfSn5D0GCAS00qmavvSeTD1sc/RA6  
3LQXCCgPzvQeykKqdIxG3dAB3dYNtXKHYdf4PWJB2lzqBCBgAW80Aw2bq6CHSXNs  
Yw3ESWDOE4fLBIxTYuVsvgilq9Q6Xm4UhkzpA1yBakJeyWEVbu5oorxFRyzhGXVv  
IR/5tAxsQ/VLevyKMH8AEbhxRhW1GQsmxeZV6Fuy85GyahfSw68mhkJg3NuwEoTS  
Syb18fiHsDg0u70BLglcSMSLrd5QGROHoJQYbZGgpl3tN/6ECQWIfgIpziyGGjHW  
zpsu67T9sa/wnmWFkUBW  
=ICtZ  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4494-01

Red Hat Security Advisory 2023-4498-01 - D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: dbus security update  
Advisory ID:       RHSA-2023:4498-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4498  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-34969  
====================================================================  
1. Summary:

An update for dbus is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

D-Bus is a system for sending messages between applications. It is used  
both for the system-wide message bus service, and as a  
per-user-login-session messaging facility.

Security Fix(es):

* dbus: dbus-daemon: assertion failure when a monitor is active and a  
message from the driver cannot be delivered (CVE-2023-34969)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all running instances of dbus-daemon and all  
running applications using the libdbus library must be restarted, or the  
system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

2213166 - CVE-2023-34969 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

aarch64:  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-devel-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-x11-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm

ppc64le:  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-devel-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-x11-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm

s390x:  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.s390x.rpm  
dbus-devel-1.12.8-24.el8_8.1.s390x.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-x11-1.12.8-24.el8_8.1.s390x.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.s390x.rpm

x86_64:  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.i686.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-devel-1.12.8-24.el8_8.1.i686.rpm  
dbus-devel-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-x11-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 8):

Source:  
dbus-1.12.8-24.el8_8.1.src.rpm

aarch64:  
dbus-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-daemon-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-libs-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-tools-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.aarch64.rpm

noarch:  
dbus-common-1.12.8-24.el8_8.1.noarch.rpm

ppc64le:  
dbus-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-daemon-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-libs-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-tools-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.ppc64le.rpm

s390x:  
dbus-1.12.8-24.el8_8.1.s390x.rpm  
dbus-daemon-1.12.8-24.el8_8.1.s390x.rpm  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.s390x.rpm  
dbus-libs-1.12.8-24.el8_8.1.s390x.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-tools-1.12.8-24.el8_8.1.s390x.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.s390x.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.s390x.rpm

x86_64:  
dbus-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-daemon-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-daemon-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.i686.rpm  
dbus-debugsource-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-libs-1.12.8-24.el8_8.1.i686.rpm  
dbus-libs-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-libs-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-tests-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-tools-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-tools-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.i686.rpm  
dbus-x11-debuginfo-1.12.8-24.el8_8.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-34969  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0P29AAoJENzjgjWX9erEIpIP/iA+jp4RpqfkakYFyKwh/Ri+  
/uBcu4iMdJtLK/gdPGh3EAImZ5yyyunfsd0vFg31QDkO/rTbREaHMJAF/Z/Yk/bH  
gY0lm+3ooT/uPV0SS6b3lHMw+JdUNrFXOW7WD4UTGylTrt4zGadPx3buDkFNF2K/  
t8ToRWw2gcqP04NZvYCdyAGj+29asS//LMgHkq8V4fxvGDlW/p2rTIQXJg4O0V45  
s5c46F3rwpfcx8OKmDSO+EogQosT5dG92YYKTvWRpfujYz2hQMW7WUASajB3eXBZ  
sNRMNI/g9wjPNRRPvn2oMNGkcc+sjAHkkI8AS37cafC2HtTIsvlicnE9TPafCnYx  
i7TvKqy3/oJ2bx11X99D77tVwlRvXfaKVhCi+qyXA/8SXI6H81OYfjqzL27Gff4Q  
/kJmoIob2wWoFlV4zElEBT5ByTI/JZ/T7d6p2cNrIXtajuPWkmF2+Ic3j3XMiQkw  
WhjMOuf/fCm3kDuZFDyO5aen6DqEMgvL8GzVN4F1WNtkkG8kqGr+L0MUu2yDvB1L  
T+vrTPItN8NqRjImEJwn/rtJRb4sepkTR1hdr0XukaJJiyhdyTOGkOkYvXRCcrqD  
NG0AD3gcGKRs8Pg+J2Bbzy4RVnsFlX4+z8Dtomr00Yd8j6H7Ko58Xqgtzuze4z9Z  
7mrHj3Q/YVchFCMQTB0l  
=Je9q  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4498-01

Red Hat Security Advisory 2023-4492-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Issues addressed include buffer overflow, bypass, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: thunderbird security update  
Advisory ID:       RHSA-2023:4492-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4492  
Issue date:        2023-08-07  
CVE Names:         CVE-2023-3417 CVE-2023-4045 CVE-2023-4046  
                   CVE-2023-4047 CVE-2023-4048 CVE-2023-4049  
                   CVE-2023-4050 CVE-2023-4055 CVE-2023-4056  
                   CVE-2023-4057  
====================================================================  
1. Summary:

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1  
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.1) - ppc64le, x86_64

3. Description:

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.14.0.

Security Fix(es):

* Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
(CVE-2023-4045)

* Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046)

* Mozilla: Potential permissions request bypass via clickjacking  
(CVE-2023-4047)

* Mozilla: Crash in DOMParser due to out-of-memory conditions  
(CVE-2023-4048)

* Mozilla: Fix potential race conditions when releasing platform objects  
(CVE-2023-4049)

* Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050)

* Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,  
Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
(CVE-2023-4056)

* Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird  
115.1 (CVE-2023-4057)

* thunderbird: File Extension Spoofing using the Text Direction Override  
Character (CVE-2023-3417)

* Mozilla: Cookie jar overflow caused unexpected cookie jar state  
(CVE-2023-4055)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2225325 - CVE-2023-3417 thunderbird: File Extension Spoofing using the Text Direction Override Character  
2228360 - CVE-2023-4045 Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions  
2228361 - CVE-2023-4046 Mozilla: Incorrect value used during WASM compilation  
2228362 - CVE-2023-4047 Mozilla: Potential permissions request bypass via clickjacking  
2228363 - CVE-2023-4048 Mozilla: Crash in DOMParser due to out-of-memory conditions  
2228364 - CVE-2023-4049 Mozilla: Fix potential race conditions when releasing platform objects  
2228365 - CVE-2023-4050 Mozilla: Stack buffer overflow in StorageManager  
2228367 - CVE-2023-4055 Mozilla: Cookie jar overflow caused unexpected cookie jar state  
2228370 - CVE-2023-4056 Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14  
2228371 - CVE-2023-4057 Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.1):

Source:  
thunderbird-102.14.0-1.el8_1.src.rpm

ppc64le:  
thunderbird-102.14.0-1.el8_1.ppc64le.rpm  
thunderbird-debuginfo-102.14.0-1.el8_1.ppc64le.rpm  
thunderbird-debugsource-102.14.0-1.el8_1.ppc64le.rpm

x86_64:  
thunderbird-102.14.0-1.el8_1.x86_64.rpm  
thunderbird-debuginfo-102.14.0-1.el8_1.x86_64.rpm  
thunderbird-debugsource-102.14.0-1.el8_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-3417  
https://access.redhat.com/security/cve/CVE-2023-4045  
https://access.redhat.com/security/cve/CVE-2023-4046  
https://access.redhat.com/security/cve/CVE-2023-4047  
https://access.redhat.com/security/cve/CVE-2023-4048  
https://access.redhat.com/security/cve/CVE-2023-4049  
https://access.redhat.com/security/cve/CVE-2023-4050  
https://access.redhat.com/security/cve/CVE-2023-4055  
https://access.redhat.com/security/cve/CVE-2023-4056  
https://access.redhat.com/security/cve/CVE-2023-4057  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0KknAAoJENzjgjWX9erEfs8P/i953/EmQot5VOOS+M5m0zs3  
scrXBTyLhcyTzI/K+LdGbj7HNWfAVeusEfvWQxE6Cj3SKTZ4w+5m+ozyMmFuSuBG  
JGHh/NvpMj0n1YHIDqx4zggj9+mZ45pM8agogESPZorxfDUWDUuJNDqc2NKeU8u/  
dPLTLE5ca0HcACF/CX3tX+8I3cQC/gmPm9UA7ENeAWpJu4MxVZdInEAOO89Dud2s  
Qszym4qSRgcaRrrZ7uedJE+iRFrSfwnE1n7QT5oeo17lVmzJ2qv+rzOv9qCyYHtD  
gYgxpa1JjO+7mayyFKc7pMTc+KrgEozh+NicOazrK8MpNqNPFpGCNL+HmBYviJ0u  
cwbO2y8AICUhLX0Wy2160IE0ilV4mI+yqlTIiOmCznmIFmO3MIFujIRqZAh01D6K  
7zlR7zBMYBtmlHsfDsaY66nDLRzidWTT4nm3kM+WpoLeS3m8W0Tiok9n3p62tAUx  
4eKXj5kiTCV6GpG9Yy2a9PwXHLOnYbYT3qdHVIK3xVRZvbmonsz9Y+ZLVN1kltDx  
YtIcOcoih9YfAtpW6vJSavkejg1514duMV8Rwj+HB7D6zbMwRxGQcaXFhCmYXrNb  
M+OsseG4IgVTcB68yjzWo8xLyuWETCLSV7UgphEUAbpBK/EYhYyTi/yMbmhfbLcM  
7Ymp+g00zPo6A9Y8JqdZ  
=ovcm  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Tag

#linux