USN-3073-1: Thunderbird vulnerabilities
USN-3073-1: Thunderbird vulnerabilities Ubuntu Security Notice USN-3073-1 22nd September, 2016 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Thunderbird could be made to crash or run programs as your login if it opened a malicious message. Software description thunderbird – Mozilla Open Source mail and newsgroup client Details Christian Holler, Carsten Book, Gary Kwong, Jesse Ruderman, AndrewMcCreight, and Phil Ringnalda discovered multiple memory safety issues inThunderbird. If a user were tricked in to opening a specially craftedmessage, an attacker could potentially exploit these to cause a denial ofservice via application crash, or execute arbitrary code. (CVE-2016-2836) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: thunderbird 1:45.3.0+build1-0ubuntu0.16.04.2 Ubuntu 14.04 LTS: thunderbird 1:45.3.0+build1-0ubuntu0.14.04.4 Ubuntu 12.04 LTS: [ more… ]