Opened 2 years ago
Closed 2 years ago
#16616 closed enhancement (fixed)
thunderbird-91.10.0
| Reported by: | Bruce Dubbs | Owned by: | |
|---|---|---|---|
| Priority: | elevated | Milestone: | 11.2 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New minor version.
Change History (2)
comment:1 by , 2 years ago
| Owner: | changed from to |
|---|---|
| Priority: | normal → elevated |
comment:2 by , 2 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Fixed in eaa4368be5147fa934e65ab140e0b2019b945303 11.1-619
Security Advisory SA 11.1-056
Note:
See TracTickets
for help on using tickets.
Security fixes listed at https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/ with the usual "In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts."
CVE-2022-1834, CVE-2022-31736, CVE-2022-31737,CVE-2022-31738,CVE-2022-31741, 31747 all rated high, and CVE-2022-31742 rated medium.
CVE-2022-31741 is one of the two security fixes in nss-3.79.