B.96.2. RHSA-2010:0969 — Moderate: thunderbird security update
- CVE-2010-3776, CVE-2010-3777
- Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
- This update adds support for the Sanitiser for OpenType (OTS) library to Thunderbird. This library helps prevent potential exploits in malformed OpenType fonts by verifying the font file prior to use.