Security Advisory Critical: thunderbird security update

Advisory: RHSA-2012:0715-1
Type: Security Advisory
Severity: Critical
Issued on: 2012-06-06
Last updated on: 2012-06-06
Affected Products: RHEL Optional Productivity Applications (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.2)
Red Hat Enterprise Linux Server EUS (v. 6.2.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-3101
CVE-2012-1937
CVE-2012-1938
CVE-2012-1939
CVE-2012-1940
CVE-2012-1941
CVE-2012-1944
CVE-2012-1945
CVE-2012-1946
CVE-2012-1947

Details

An updated thunderbird package that fixes multiple security issues is now
available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Mozilla Thunderbird is a standalone mail and newsgroup client.

Several flaws were found in the processing of malformed content. Malicious
content could cause Thunderbird to crash or, potentially, execute arbitrary
code with the privileges of the user running Thunderbird. (CVE-2011-3101,
CVE-2012-1937, CVE-2012-1938, CVE-2012-1939, CVE-2012-1940, CVE-2012-1941,
CVE-2012-1946, CVE-2012-1947)

Note: CVE-2011-3101 only affected users of certain NVIDIA display drivers
with graphics cards that have hardware acceleration enabled.

It was found that the Content Security Policy (CSP) implementation in
Thunderbird no longer blocked Thunderbird inline event handlers. Malicious
content could possibly bypass intended restrictions if that content relied
on CSP to protect against flaws such as cross-site scripting (XSS).
(CVE-2012-1944)

If a web server hosted content that is stored on a Microsoft Windows share,
or a Samba share, loading such content with Thunderbird could result in
Windows shortcut files (.lnk) in the same share also being loaded. An
attacker could use this flaw to view the contents of local files and
directories on the victim's system. This issue also affected users opening
content from Microsoft Windows shares, or Samba shares, that are mounted
on their systems. (CVE-2012-1945)

Red Hat would like to thank the Mozilla project for reporting these issues.
Upstream acknowledges Ken Russell of Google as the original reporter of
CVE-2011-3101; Igor Bukanov, Olli Pettay, Boris Zbarsky, and Jesse Ruderman
as the original reporters of CVE-2012-1937; Jesse Ruderman, Igor Bukanov,
Bill McCloskey, Christian Holler, Andrew McCreight, and Brian Bondy as the
original reporters of CVE-2012-1938; Christian Holler as the original
reporter of CVE-2012-1939; security researcher Abhishek Arya of Google as
the original reporter of CVE-2012-1940, CVE-2012-1941, and CVE-2012-1947;
security researcher Arthur Gerkis as the original reporter of
CVE-2012-1946; security researcher Adam Barth as the original reporter of
CVE-2012-1944; and security researcher Paul Stone as the original reporter
of CVE-2012-1945.

Note: None of the issues in this advisory can be exploited by a
specially-crafted HTML mail message as JavaScript is disabled by default
for mail messages. They could be exploited another way in Thunderbird, for
example, when viewing the full remote content of an RSS feed.

All Thunderbird users should upgrade to this updated package, which
contains Thunderbird version 10.0.5 ESR, which corrects these issues. After
installing the update, Thunderbird must be restarted for the changes to
take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
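A practical follow-up to the solution above is confirming that the installed thunderbird package is at or above the fixed build listed in this advisory. The following is an added example, not Red Hat's own tooling: it re-implements the RPM segment-wise version comparison (numeric segments compared as integers, alphabetic segments lexically, with the tilde rule omitted as a simplification) and applies it to the name-version-release.arch string that `rpm -q thunderbird` prints. The fixed-package name is taken from the listing below; the installed strings fed to it are constructed.

```python
import re

# The fixed build named in this advisory for RHEL 6 x86_64 (from the package listing).
FIXED_RHEL6_X86_64 = "thunderbird-10.0.5-2.el6_2.x86_64.rpm"


def _segments(s):
    """Split a version or release string into its numeric and alphabetic runs,
    the way rpm does before comparing ("10.0.5" -> ["10", "0", "5"])."""
    return re.findall(r"\d+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Return 1 if a is newer than b, -1 if older, 0 if equal.
    Simplified rpmvercmp: no epoch and no '~' pre-release handling."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):            # compare numerically, so 12 > 5
                return 1 if int(x) > int(y) else -1
        elif x.isdigit():
            return 1                         # a numeric segment sorts newer than letters
        elif y.isdigit():
            return -1
        elif x != y:
            return 1 if x > y else -1        # alphabetic segments compare lexically
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1    # leftover segments mean "newer"


def parse_nevra(pkg):
    """Split 'name-version-release.arch[.rpm]' into (name, version, release, arch)."""
    if pkg.endswith(".rpm"):
        pkg = pkg[:-4]
    rest, arch = pkg.rsplit(".", 1)
    rest, release = rest.rsplit("-", 1)
    name, version = rest.rsplit("-", 1)
    return name, version, release, arch


def is_fixed(installed, fixed=FIXED_RHEL6_X86_64):
    """True when the installed package is the fixed build or a later one.
    'installed' has the form printed by: rpm -q thunderbird"""
    iname, iver, irel, _ = parse_nevra(installed)
    fname, fver, frel, _ = parse_nevra(fixed)
    if iname != fname:
        raise ValueError("package name mismatch: %s vs %s" % (iname, fname))
    c = rpmvercmp(iver, fver)
    if c == 0:
        c = rpmvercmp(irel, frel)   # same upstream version: the release decides
    return c >= 0


if __name__ == "__main__":
    # Constructed sample outputs of `rpm -q thunderbird` on a few hosts.
    for host, pkg in [("host-a", "thunderbird-10.0.4-1.el6_2.x86_64"),
                      ("host-b", "thunderbird-10.0.5-2.el6_2.x86_64"),
                      ("host-c", "thunderbird-10.0.12-1.el6_3.x86_64")]:
        print(host, pkg, "fixed" if is_fixed(pkg) else "VULNERABLE, apply RHSA-2012:0715")
```

The release field matters: a host reporting `10.0.5-1.el6_2` is still below the `-2.el6_2` build this advisory ships and is reported as vulnerable. For RHEL 5 hosts, pass the `el5_8` package name from the listing as `fixed`.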

Updated packages

RHEL Optional Productivity Applications (v. 5 server)

SRPMS:
thunderbird-10.0.5-2.el5_8.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 69c3e7670ef520e3f651d79aeb50f33c
SHA-256: 102861d66e118626b8fcc383bc1554911e08cfcda2d6f6bd22c53de2557dd24f
 
IA-32:
thunderbird-10.0.5-2.el5_8.i386.rpm
File outdated by:  RHSA-2014:0316
    MD5: b0667d055de74e9d6face281c5431fb5
SHA-256: 7e78b147cfb79fef6f6403f3f86811c4a671d8827988a0e76a02de3910e9b176
thunderbird-debuginfo-10.0.5-2.el5_8.i386.rpm
File outdated by:  RHSA-2014:0316
    MD5: 7abebc1c2a24f7b2180ebfe29a969b31
SHA-256: 37add3c4c8e21987f619ef800bdc326aa4d4f9174eed8c7b1686f4fa86f7d9ed
 
x86_64:
thunderbird-10.0.5-2.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 9f95c8bd358e9209ad5b98f8a82b2d39
SHA-256: a15c9b32f86d7ead2fccbe6d4e1e0c72f57024890eb6ed12964cebf45d477022
thunderbird-debuginfo-10.0.5-2.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 56c651846ad1fefdd46da910eb3bb05c
SHA-256: c5b677aa8fe28cd4e90a34d7a23fcf3670a5ba70e726ee7eb364bcbaf8a4940e
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
thunderbird-10.0.5-2.el5_8.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 69c3e7670ef520e3f651d79aeb50f33c
SHA-256: 102861d66e118626b8fcc383bc1554911e08cfcda2d6f6bd22c53de2557dd24f
 
IA-32:
thunderbird-10.0.5-2.el5_8.i386.rpm
File outdated by:  RHSA-2014:0316
    MD5: b0667d055de74e9d6face281c5431fb5
SHA-256: 7e78b147cfb79fef6f6403f3f86811c4a671d8827988a0e76a02de3910e9b176
thunderbird-debuginfo-10.0.5-2.el5_8.i386.rpm
File outdated by:  RHSA-2014:0316
    MD5: 7abebc1c2a24f7b2180ebfe29a969b31
SHA-256: 37add3c4c8e21987f619ef800bdc326aa4d4f9174eed8c7b1686f4fa86f7d9ed
 
x86_64:
thunderbird-10.0.5-2.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 9f95c8bd358e9209ad5b98f8a82b2d39
SHA-256: a15c9b32f86d7ead2fccbe6d4e1e0c72f57024890eb6ed12964cebf45d477022
thunderbird-debuginfo-10.0.5-2.el5_8.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 56c651846ad1fefdd46da910eb3bb05c
SHA-256: c5b677aa8fe28cd4e90a34d7a23fcf3670a5ba70e726ee7eb364bcbaf8a4940e
 
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
thunderbird-10.0.5-2.el6_2.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 356324745fc67b5370237ade01458a9e
SHA-256: d56e6380ebb7fb9e7c0435157aeb8b67a67182127358d6b34e311d61fcfa8592
 
IA-32:
thunderbird-10.0.5-2.el6_2.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 067026fbb703ed437332176e24a4342d
SHA-256: 1f5bd003d964c45319a6c3b458e9c14ad087e13a45fedbe0f5cecd1b4ed77696
thunderbird-debuginfo-10.0.5-2.el6_2.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 1e74153c59074fd265891bf070e69e91
SHA-256: 2924c78e45ee1f1f680139939b918c9ce0cd8134055b0f61ecf9f5a406b52650
 
x86_64:
thunderbird-10.0.5-2.el6_2.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 3c9dff66f68998c13988559af8e51e95
SHA-256: b4dd742a7e47232af2616c91ea0fec5fbdcf70eb24846687bf89e315b0a58122
thunderbird-debuginfo-10.0.5-2.el6_2.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 7eda9fd636da04e329a3015879b64443
SHA-256: 7cf3411b38383c5c7658338453af4355e51a3c42901d9337084ce0ae57dd96fd
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
thunderbird-10.0.5-2.el6_2.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 356324745fc67b5370237ade01458a9e
SHA-256: d56e6380ebb7fb9e7c0435157aeb8b67a67182127358d6b34e311d61fcfa8592
 
IA-32:
thunderbird-10.0.5-2.el6_2.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 067026fbb703ed437332176e24a4342d
SHA-256: 1f5bd003d964c45319a6c3b458e9c14ad087e13a45fedbe0f5cecd1b4ed77696
thunderbird-debuginfo-10.0.5-2.el6_2.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 1e74153c59074fd265891bf070e69e91
SHA-256: 2924c78e45ee1f1f680139939b918c9ce0cd8134055b0f61ecf9f5a406b52650
 
PPC:
thunderbird-10.0.5-2.el6_2.ppc64.rpm
File outdated by:  RHSA-2014:0316
    MD5: de32c3d6c4fec5b2969acf92e4b4face
SHA-256: ebd774a9f73e9036893592ad7c802b0b11fdc91ada4aaa0665a989959c43c318
thunderbird-debuginfo-10.0.5-2.el6_2.ppc64.rpm
File outdated by:  RHSA-2014:0316
    MD5: c80d5085c13837653d710b79479f835f
SHA-256: 10f9bde80ca1def47b95129de6ab15ef61c21d2d69db53d4400b8b81b4189fc8
 
s390x:
thunderbird-10.0.5-2.el6_2.s390x.rpm
File outdated by:  RHSA-2014:0316
    MD5: 2b54a49cc3ae6b25b0386a1248546317
SHA-256: 23a23c0c94f35afa329f36cf3a902552a10f96dacfb95b24dd73d09fbf339e40
thunderbird-debuginfo-10.0.5-2.el6_2.s390x.rpm
File outdated by:  RHSA-2014:0316
    MD5: dd85dcf6bc89172f5a6d24ef7e9451de
SHA-256: b273fd276790d45e487fd1372adc4cbccd1ae60a4c827509b50b590522be4e59
 
x86_64:
thunderbird-10.0.5-2.el6_2.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 3c9dff66f68998c13988559af8e51e95
SHA-256: b4dd742a7e47232af2616c91ea0fec5fbdcf70eb24846687bf89e315b0a58122
thunderbird-debuginfo-10.0.5-2.el6_2.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 7eda9fd636da04e329a3015879b64443
SHA-256: 7cf3411b38383c5c7658338453af4355e51a3c42901d9337084ce0ae57dd96fd
 
Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
thunderbird-10.0.5-2.el6_2.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 356324745fc67b5370237ade01458a9e
SHA-256: d56e6380ebb7fb9e7c0435157aeb8b67a67182127358d6b34e311d61fcfa8592
 
x86_64:
thunderbird-10.0.5-2.el6_2.x86_64.rpm
    MD5: 3c9dff66f68998c13988559af8e51e95
SHA-256: b4dd742a7e47232af2616c91ea0fec5fbdcf70eb24846687bf89e315b0a58122
thunderbird-debuginfo-10.0.5-2.el6_2.x86_64.rpm
    MD5: 7eda9fd636da04e329a3015879b64443
SHA-256: 7cf3411b38383c5c7658338453af4355e51a3c42901d9337084ce0ae57dd96fd
 
Red Hat Enterprise Linux Server EUS (v. 6.2.z)

SRPMS:
thunderbird-10.0.5-2.el6_2.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 356324745fc67b5370237ade01458a9e
SHA-256: d56e6380ebb7fb9e7c0435157aeb8b67a67182127358d6b34e311d61fcfa8592
 
IA-32:
thunderbird-10.0.5-2.el6_2.i686.rpm
    MD5: 067026fbb703ed437332176e24a4342d
SHA-256: 1f5bd003d964c45319a6c3b458e9c14ad087e13a45fedbe0f5cecd1b4ed77696
thunderbird-debuginfo-10.0.5-2.el6_2.i686.rpm
    MD5: 1e74153c59074fd265891bf070e69e91
SHA-256: 2924c78e45ee1f1f680139939b918c9ce0cd8134055b0f61ecf9f5a406b52650
 
PPC:
thunderbird-10.0.5-2.el6_2.ppc64.rpm
    MD5: de32c3d6c4fec5b2969acf92e4b4face
SHA-256: ebd774a9f73e9036893592ad7c802b0b11fdc91ada4aaa0665a989959c43c318
thunderbird-debuginfo-10.0.5-2.el6_2.ppc64.rpm
    MD5: c80d5085c13837653d710b79479f835f
SHA-256: 10f9bde80ca1def47b95129de6ab15ef61c21d2d69db53d4400b8b81b4189fc8
 
s390x:
thunderbird-10.0.5-2.el6_2.s390x.rpm
    MD5: 2b54a49cc3ae6b25b0386a1248546317
SHA-256: 23a23c0c94f35afa329f36cf3a902552a10f96dacfb95b24dd73d09fbf339e40
thunderbird-debuginfo-10.0.5-2.el6_2.s390x.rpm
    MD5: dd85dcf6bc89172f5a6d24ef7e9451de
SHA-256: b273fd276790d45e487fd1372adc4cbccd1ae60a4c827509b50b590522be4e59
 
x86_64:
thunderbird-10.0.5-2.el6_2.x86_64.rpm
    MD5: 3c9dff66f68998c13988559af8e51e95
SHA-256: b4dd742a7e47232af2616c91ea0fec5fbdcf70eb24846687bf89e315b0a58122
thunderbird-debuginfo-10.0.5-2.el6_2.x86_64.rpm
    MD5: 7eda9fd636da04e329a3015879b64443
SHA-256: 7cf3411b38383c5c7658338453af4355e51a3c42901d9337084ce0ae57dd96fd
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
thunderbird-10.0.5-2.el6_2.src.rpm
File outdated by:  RHSA-2014:0316
    MD5: 356324745fc67b5370237ade01458a9e
SHA-256: d56e6380ebb7fb9e7c0435157aeb8b67a67182127358d6b34e311d61fcfa8592
 
IA-32:
thunderbird-10.0.5-2.el6_2.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 067026fbb703ed437332176e24a4342d
SHA-256: 1f5bd003d964c45319a6c3b458e9c14ad087e13a45fedbe0f5cecd1b4ed77696
thunderbird-debuginfo-10.0.5-2.el6_2.i686.rpm
File outdated by:  RHSA-2014:0316
    MD5: 1e74153c59074fd265891bf070e69e91
SHA-256: 2924c78e45ee1f1f680139939b918c9ce0cd8134055b0f61ecf9f5a406b52650
 
x86_64:
thunderbird-10.0.5-2.el6_2.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 3c9dff66f68998c13988559af8e51e95
SHA-256: b4dd742a7e47232af2616c91ea0fec5fbdcf70eb24846687bf89e315b0a58122
thunderbird-debuginfo-10.0.5-2.el6_2.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 7eda9fd636da04e329a3015879b64443
SHA-256: 7cf3411b38383c5c7658338453af4355e51a3c42901d9337084ce0ae57dd96fd
 
(The unlinked packages above are only available from the Red Hat Network)
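For packages fetched outside of Red Hat Network (a mirror, an offline media set), the SHA-256 values in the listing above are the way to confirm that a downloaded file is the one this advisory describes, alongside the GPG signature check (`rpm -K file.rpm`) that the References section points to. The script below is an added example, not a Red Hat tool: it parses an excerpt of the listing (copied from this page and embedded inline so the example runs offline, handling both the one-line and the split filename/MD5 layouts that appear above), ignores the MD5 column because MD5 is not collision resistant, and reports each `.rpm` in a directory as ok, mismatch or unlisted. The files it checks in the demo are constructed placeholders, so the real package reports a mismatch there.

```python
import hashlib
import os
import re
import tempfile

# Excerpt of the advisory's RHEL 6 x86_64 entries, embedded verbatim so this runs offline.
LISTING = """\
x86_64:
thunderbird-10.0.5-2.el6_2.x86_64.rpm
File outdated by:  RHSA-2014:0316
    MD5: 3c9dff66f68998c13988559af8e51e95
SHA-256: b4dd742a7e47232af2616c91ea0fec5fbdcf70eb24846687bf89e315b0a58122
thunderbird-debuginfo-10.0.5-2.el6_2.x86_64.rpm     MD5: 7eda9fd636da04e329a3015879b64443
SHA-256: 7cf3411b38383c5c7658338453af4355e51a3c42901d9337084ce0ae57dd96fd
"""

RPM_RE = re.compile(r"^(\S+\.rpm)")                   # filename at start of line
SHA_RE = re.compile(r"^SHA-256:\s*([0-9a-f]{64})$")   # the digest we trust


def parse_listing(text):
    """Return {filename: sha256} from an advisory package listing.
    MD5 lines and 'File outdated by' notes are deliberately skipped."""
    expected, current = {}, None
    for line in text.splitlines():
        m = RPM_RE.match(line)
        if m:
            current = m.group(1)
            continue
        m = SHA_RE.match(line.strip())
        if m and current:
            expected[current] = m.group(1)
            current = None
    return expected


def sha256_file(path, chunk=1 << 20):
    """Stream the file through SHA-256 so large RPMs are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_downloads(directory, expected):
    """Map every .rpm in directory to 'ok', 'mismatch' (corrupted or altered
    download) or 'unlisted' (not a file this advisory ships)."""
    results = {}
    for name in sorted(os.listdir(directory)):
        if not name.endswith(".rpm"):
            continue
        if name not in expected:
            results[name] = "unlisted"
            continue
        actual = sha256_file(os.path.join(directory, name))
        results[name] = "ok" if actual == expected[name] else "mismatch"
    return results


def run_demo():
    """Verify two constructed placeholder files; returns (results, results_with_ok_path)."""
    d = tempfile.mkdtemp()
    expected = parse_listing(LISTING)
    # Carries an advisory filename but placeholder bytes: must be reported as 'mismatch'.
    with open(os.path.join(d, "thunderbird-10.0.5-2.el6_2.x86_64.rpm"), "wb") as f:
        f.write(b"constructed placeholder, not the real package")
    # Not part of this advisory at all: must be reported as 'unlisted'.
    with open(os.path.join(d, "other-1.0-1.el6.x86_64.rpm"), "wb") as f:
        f.write(b"x")
    # Same directory against a table that knows the placeholder's digest: shows the 'ok' path.
    with_ok = dict(expected, **{"other-1.0-1.el6.x86_64.rpm": hashlib.sha256(b"x").hexdigest()})
    return verify_downloads(d, expected), verify_downloads(d, with_ok)


if __name__ == "__main__":
    for name, status in run_demo()[0].items():
        print(status.ljust(9), name)
```

To use it on a real download directory, paste the relevant product section of the listing into `LISTING` (or read the advisory text from a file) and call `verify_downloads("/path/to/rpms", parse_listing(text))`. Any `mismatch` should stop the rollout until the file is re-fetched and its signature checked.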

Bugs fixed (see bugzilla for more information)

827829 - CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-3105 Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)
827830 - CVE-2012-1944 Mozilla: Content Security Policy inline-script bypass (MFSA 2012-36)
827831 - CVE-2012-1945 Mozilla: Information disclosure through Windows file shares and shortcut files (MFSA 2012-37)
827832 - CVE-2012-1946 Mozilla: Use-after-free while replacing/inserting a node in a document (MFSA 2012-38)
827843 - CVE-2012-1940 CVE-2012-1941 CVE-2012-1947 Mozilla: Buffer overflow and use-after-free issues found using Address Sanitizer (MFSA 2012-40)


References

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/