The updated packages fix security vulnerabilities: Out-of-bounds memory read in networking channels. (CVE-2024-1546) Alert dialog could have been spoofed on another site. (CVE-2024-1547) Fullscreen Notification could have been hidden by select element. (CVE-2024-1548) Custom cursor could obscure the permission dialog. (CVE-2024-1549) Mouse cursor re-positioned unexpectedly could have led to unintended permission grants. (CVE-2024-1550) Multipart HTTP Responses would accept the Set-Cookie header in response parts. (CVE-2024-1551) Incorrect code generation on 32-bit ARM devices. (CVE-2024-1552) Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. (CVE-2024-1553)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | thunderbird | < 115.8.0-1 | thunderbird-115.8.0-1.mga9 |
Mageia | 9 | noarch | thunderbird-l10n | < 115.8.0-1 | thunderbird-l10n-115.8.0-1.mga9 |