Skip to navigation

Security Advisory Important: thunderbird security update

Advisory: RHSA-2011:1267-1
Type: Security Advisory
Severity: Important
Issued on: 2011-09-06
Last updated on: 2011-09-06
Affected Products: RHEL Optional Productivity Applications (v. 5 server)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.1.z)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Enterprise Linux Workstation (v. 6)

Details

An updated thunderbird package that fixes one security issue is now
available for Red Hat Enterprise Linux 4, 5, and 6.

The Red Hat Security Response Team has rated this update as having
important security impact.

Mozilla Thunderbird is a standalone mail and newsgroup client.

The RHSA-2011:1243 Thunderbird update rendered HTTPS certificates signed by
a certain Certificate Authority (CA) as untrusted, but made an exception
for a select few. This update removes that exception, rendering every HTTPS
certificate signed by that CA as untrusted. (BZ#735483)

All Thunderbird users should upgrade to this updated package, which
resolves this issue. All running instances of Thunderbird must be
restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

RHEL Optional Productivity Applications (v. 5 server)

SRPMS:
thunderbird-2.0.0.24-25.el5.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 57dda6c3ddf0b6ffbfb03af24fff231c
SHA-256: a5d10600f22305aab8ae7eb3cbd246c6afccd32ae35d090f7bea36313b179bad
 
IA-32:
thunderbird-2.0.0.24-25.el5.i386.rpm
File outdated by:  RHSA-2014:0316
    MD5: 0b3be4ef5f147b5d941f123c7e88c9c4
SHA-256: e381f0ad2a2b36b09c96b80b6984e21db804338b5739f06dce3fc86ce1a9f24a
 
x86_64:
thunderbird-2.0.0.24-25.el5.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 8747277185a0f5d2ac370b1544c13143
SHA-256: 441ef7e881835316be413f0df1aef1e9f77583c020db7414c4fa924c9ff8253e
 
Red Hat Desktop (v. 4)

SRPMS:
thunderbird-1.5.0.12-43.el4.src.rpm
File outdated by:  RHSA-2012:0085
    MD5: 12cdbde26e8b51de4198d4a442e26dca
SHA-256: c4d8f8eeb2118440ef0114128a8ac8ea973b7100872fd8f3897f56c592220556
 
IA-32:
thunderbird-1.5.0.12-43.el4.i386.rpm
File outdated by:  RHSA-2012:0085
    MD5: 03e1628d332ac990c8c1d82f1eea8b2d
SHA-256: 18ca2169833ccd30a5333205f9c316221357f6731123cb519cf766e7b95e3d6e
 
x86_64:
thunderbird-1.5.0.12-43.el4.x86_64.rpm
File outdated by:  RHSA-2012:0085
    MD5: 3dbf8d9b4c6e579f5eefa1850648954b
SHA-256: 008be550ed4d677f5de6421c7f799af9f050240a193891ba3483125701e15e3d
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
thunderbird-1.5.0.12-43.el4.src.rpm
File outdated by:  RHSA-2012:0085
    MD5: 12cdbde26e8b51de4198d4a442e26dca
SHA-256: c4d8f8eeb2118440ef0114128a8ac8ea973b7100872fd8f3897f56c592220556
 
IA-32:
thunderbird-1.5.0.12-43.el4.i386.rpm
File outdated by:  RHSA-2012:0085
    MD5: 03e1628d332ac990c8c1d82f1eea8b2d
SHA-256: 18ca2169833ccd30a5333205f9c316221357f6731123cb519cf766e7b95e3d6e
 
IA-64:
thunderbird-1.5.0.12-43.el4.ia64.rpm
File outdated by:  RHSA-2012:0085
    MD5: 61c20459d0321e87feec03d05fc21dfc
SHA-256: 9cd757be339966abe2c0dc519b5ab5bea898e696f6b9077ddcc42e8e7359a2ac
 
PPC:
thunderbird-1.5.0.12-43.el4.ppc.rpm
File outdated by:  RHSA-2012:0085
    MD5: d793bcfbc8d5eaae9bf6df6bc3dd2342
SHA-256: 11daa26f124ce667c34adf56e118e7ebce497951f2308f6ed55bfad485cc0ebf
 
s390:
thunderbird-1.5.0.12-43.el4.s390.rpm
File outdated by:  RHSA-2012:0085
    MD5: ed8cb2f050ab50f6606ece0159c79e15
SHA-256: 738d1f2fc40363c0ebc261b96c8039d3facb0e24eaa54d77770ef00e92b0d460
 
s390x:
thunderbird-1.5.0.12-43.el4.s390x.rpm
File outdated by:  RHSA-2012:0085
    MD5: 1c926976264df60fe5b1a4d5101c0a10
SHA-256: 4cd1a1faf768a4360c198be32e3fb64aa7c04e0185170ed15044e4022cf30abe
 
x86_64:
thunderbird-1.5.0.12-43.el4.x86_64.rpm
File outdated by:  RHSA-2012:0085
    MD5: 3dbf8d9b4c6e579f5eefa1850648954b
SHA-256: 008be550ed4d677f5de6421c7f799af9f050240a193891ba3483125701e15e3d
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
thunderbird-2.0.0.24-25.el5.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 57dda6c3ddf0b6ffbfb03af24fff231c
SHA-256: a5d10600f22305aab8ae7eb3cbd246c6afccd32ae35d090f7bea36313b179bad
 
IA-32:
thunderbird-2.0.0.24-25.el5.i386.rpm
File outdated by:  RHSA-2014:0316
    MD5: 0b3be4ef5f147b5d941f123c7e88c9c4
SHA-256: e381f0ad2a2b36b09c96b80b6984e21db804338b5739f06dce3fc86ce1a9f24a
 
x86_64:
thunderbird-2.0.0.24-25.el5.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 8747277185a0f5d2ac370b1544c13143
SHA-256: 441ef7e881835316be413f0df1aef1e9f77583c020db7414c4fa924c9ff8253e
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
thunderbird-3.1.14-1.el6_1.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: cdf7436f0b4dbe902f3c33503f20a710
SHA-256: 0691af336c4e97315a92d15480135db40729670f4fc1b9441834d74cd23114f5
 
IA-32:
thunderbird-3.1.14-1.el6_1.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 5c5fc5a35fbcc84f87b37b82b850d3f4
SHA-256: 4d94a97d52d42bea3bcd2945963d4c4b7e929cb1d55f4837ccc8433442844d41
thunderbird-debuginfo-3.1.14-1.el6_1.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: c1f805c6c7d1f67922c9415db9fa2a63
SHA-256: 8e7b2f12f7d7b7056477724306e25b83086f485e5311492d5fabe121b92fa548
 
x86_64:
thunderbird-3.1.14-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: b7a4fdbdc44bffa2ab77baddd1d5a0d2
SHA-256: c1e404fa70956fd152089adc0fdb6848c37a62d164de13ecdbac9c9a06bc69b4
thunderbird-debuginfo-3.1.14-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 656a0e0a68963f34ee459b319c1b549c
SHA-256: 1aa611347ac0b85a34a6c75307af2fbc8a5cd6546491cbee2f6627ce1fbc954e
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
thunderbird-1.5.0.12-43.el4.src.rpm
File outdated by:  RHSA-2012:0085
    MD5: 12cdbde26e8b51de4198d4a442e26dca
SHA-256: c4d8f8eeb2118440ef0114128a8ac8ea973b7100872fd8f3897f56c592220556
 
IA-32:
thunderbird-1.5.0.12-43.el4.i386.rpm
File outdated by:  RHSA-2012:0085
    MD5: 03e1628d332ac990c8c1d82f1eea8b2d
SHA-256: 18ca2169833ccd30a5333205f9c316221357f6731123cb519cf766e7b95e3d6e
 
IA-64:
thunderbird-1.5.0.12-43.el4.ia64.rpm
File outdated by:  RHSA-2012:0085
    MD5: 61c20459d0321e87feec03d05fc21dfc
SHA-256: 9cd757be339966abe2c0dc519b5ab5bea898e696f6b9077ddcc42e8e7359a2ac
 
x86_64:
thunderbird-1.5.0.12-43.el4.x86_64.rpm
File outdated by:  RHSA-2012:0085
    MD5: 3dbf8d9b4c6e579f5eefa1850648954b
SHA-256: 008be550ed4d677f5de6421c7f799af9f050240a193891ba3483125701e15e3d
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
thunderbird-3.1.14-1.el6_1.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: cdf7436f0b4dbe902f3c33503f20a710
SHA-256: 0691af336c4e97315a92d15480135db40729670f4fc1b9441834d74cd23114f5
 
IA-32:
thunderbird-3.1.14-1.el6_1.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 5c5fc5a35fbcc84f87b37b82b850d3f4
SHA-256: 4d94a97d52d42bea3bcd2945963d4c4b7e929cb1d55f4837ccc8433442844d41
thunderbird-debuginfo-3.1.14-1.el6_1.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: c1f805c6c7d1f67922c9415db9fa2a63
SHA-256: 8e7b2f12f7d7b7056477724306e25b83086f485e5311492d5fabe121b92fa548
 
PPC:
thunderbird-3.1.14-1.el6_1.ppc64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 0ab2ef02b9e320629fc28344b09683e4
SHA-256: b73fb4cd976d2683bf1ad800109df700bcc5e85a51c7a3a8770bb890fc9b89e1
thunderbird-debuginfo-3.1.14-1.el6_1.ppc64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 9d8326913034b2ae50f8684288e97584
SHA-256: df0a0aa5e390dc0d6d5e329f1a1b81477be95b2f58d3f3f3d009b42f9bcfea43
 
s390x:
thunderbird-3.1.14-1.el6_1.s390x.rpm
File outdated by:  RHSA-2014:0316
    MD5: 26e2b70a91620f9cf898124448d999bd
SHA-256: 485b3c49f36c3d1b5c7899c8e52327f5e95d2943f50bac70d77b497403e43754
thunderbird-debuginfo-3.1.14-1.el6_1.s390x.rpm
File outdated by:  RHSA-2014:0316
    MD5: e70f7bb6128da56f4b5db531097b9508
SHA-256: 18bd44fa94539a75484100ea1052e1901d63bfef029e36b56cf08691c6d35317
 
x86_64:
thunderbird-3.1.14-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: b7a4fdbdc44bffa2ab77baddd1d5a0d2
SHA-256: c1e404fa70956fd152089adc0fdb6848c37a62d164de13ecdbac9c9a06bc69b4
thunderbird-debuginfo-3.1.14-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 656a0e0a68963f34ee459b319c1b549c
SHA-256: 1aa611347ac0b85a34a6c75307af2fbc8a5cd6546491cbee2f6627ce1fbc954e
 
Red Hat Enterprise Linux Server EUS (v. 6.1.z)

SRPMS:
thunderbird-3.1.14-1.el6_1.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: cdf7436f0b4dbe902f3c33503f20a710
SHA-256: 0691af336c4e97315a92d15480135db40729670f4fc1b9441834d74cd23114f5
 
IA-32:
thunderbird-3.1.14-1.el6_1.i686.rpm
File outdated by:  RHSA-2011:1439
    MD5: 5c5fc5a35fbcc84f87b37b82b850d3f4
SHA-256: 4d94a97d52d42bea3bcd2945963d4c4b7e929cb1d55f4837ccc8433442844d41
thunderbird-debuginfo-3.1.14-1.el6_1.i686.rpm
File outdated by:  RHSA-2011:1439
    MD5: c1f805c6c7d1f67922c9415db9fa2a63
SHA-256: 8e7b2f12f7d7b7056477724306e25b83086f485e5311492d5fabe121b92fa548
 
PPC:
thunderbird-3.1.14-1.el6_1.ppc64.rpm
File outdated by:  RHSA-2011:1439
    MD5: 0ab2ef02b9e320629fc28344b09683e4
SHA-256: b73fb4cd976d2683bf1ad800109df700bcc5e85a51c7a3a8770bb890fc9b89e1
thunderbird-debuginfo-3.1.14-1.el6_1.ppc64.rpm
File outdated by:  RHSA-2011:1439
    MD5: 9d8326913034b2ae50f8684288e97584
SHA-256: df0a0aa5e390dc0d6d5e329f1a1b81477be95b2f58d3f3f3d009b42f9bcfea43
 
s390x:
thunderbird-3.1.14-1.el6_1.s390x.rpm
File outdated by:  RHSA-2011:1439
    MD5: 26e2b70a91620f9cf898124448d999bd
SHA-256: 485b3c49f36c3d1b5c7899c8e52327f5e95d2943f50bac70d77b497403e43754
thunderbird-debuginfo-3.1.14-1.el6_1.s390x.rpm
File outdated by:  RHSA-2011:1439
    MD5: e70f7bb6128da56f4b5db531097b9508
SHA-256: 18bd44fa94539a75484100ea1052e1901d63bfef029e36b56cf08691c6d35317
 
x86_64:
thunderbird-3.1.14-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2011:1439
    MD5: b7a4fdbdc44bffa2ab77baddd1d5a0d2
SHA-256: c1e404fa70956fd152089adc0fdb6848c37a62d164de13ecdbac9c9a06bc69b4
thunderbird-debuginfo-3.1.14-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2011:1439
    MD5: 656a0e0a68963f34ee459b319c1b549c
SHA-256: 1aa611347ac0b85a34a6c75307af2fbc8a5cd6546491cbee2f6627ce1fbc954e
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
thunderbird-1.5.0.12-43.el4.src.rpm
File outdated by:  RHSA-2012:0085
    MD5: 12cdbde26e8b51de4198d4a442e26dca
SHA-256: c4d8f8eeb2118440ef0114128a8ac8ea973b7100872fd8f3897f56c592220556
 
IA-32:
thunderbird-1.5.0.12-43.el4.i386.rpm
File outdated by:  RHSA-2012:0085
    MD5: 03e1628d332ac990c8c1d82f1eea8b2d
SHA-256: 18ca2169833ccd30a5333205f9c316221357f6731123cb519cf766e7b95e3d6e
 
IA-64:
thunderbird-1.5.0.12-43.el4.ia64.rpm
File outdated by:  RHSA-2012:0085
    MD5: 61c20459d0321e87feec03d05fc21dfc
SHA-256: 9cd757be339966abe2c0dc519b5ab5bea898e696f6b9077ddcc42e8e7359a2ac
 
x86_64:
thunderbird-1.5.0.12-43.el4.x86_64.rpm
File outdated by:  RHSA-2012:0085
    MD5: 3dbf8d9b4c6e579f5eefa1850648954b
SHA-256: 008be550ed4d677f5de6421c7f799af9f050240a193891ba3483125701e15e3d
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
thunderbird-3.1.14-1.el6_1.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: cdf7436f0b4dbe902f3c33503f20a710
SHA-256: 0691af336c4e97315a92d15480135db40729670f4fc1b9441834d74cd23114f5
 
IA-32:
thunderbird-3.1.14-1.el6_1.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 5c5fc5a35fbcc84f87b37b82b850d3f4
SHA-256: 4d94a97d52d42bea3bcd2945963d4c4b7e929cb1d55f4837ccc8433442844d41
thunderbird-debuginfo-3.1.14-1.el6_1.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: c1f805c6c7d1f67922c9415db9fa2a63
SHA-256: 8e7b2f12f7d7b7056477724306e25b83086f485e5311492d5fabe121b92fa548
 
x86_64:
thunderbird-3.1.14-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: b7a4fdbdc44bffa2ab77baddd1d5a0d2
SHA-256: c1e404fa70956fd152089adc0fdb6848c37a62d164de13ecdbac9c9a06bc69b4
thunderbird-debuginfo-3.1.14-1.el6_1.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 656a0e0a68963f34ee459b319c1b549c
SHA-256: 1aa611347ac0b85a34a6c75307af2fbc8a5cd6546491cbee2f6627ce1fbc954e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

735483 - Additional certificates signed by DigiNotar CA certificate to be revoked (MFSA 2011-35)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/