Issued:
2011-08-31
Updated:
2011-08-31

RHSA-2011:1243 - Security Advisory

Synopsis

Important: thunderbird security update

Type/Severity

Security Advisory: Important

Topic

An updated thunderbird package that fixes one security issue is now
available for Red Hat Enterprise Linux 4, 5, and 6.

The Red Hat Security Response Team has rated this update as having
important security impact.

Description

Mozilla Thunderbird is a standalone mail and newsgroup client.

It was found that a Certificate Authority (CA) issued a fraudulent HTTPS
certificate. This update renders any HTTPS certificates signed by that
CA as untrusted, except for a select few. The now untrusted certificates
that were issued before July 1, 2011 can be manually re-enabled and used
again at your own risk in Thunderbird; however, affected certificates
issued after this date cannot be re-enabled or used. (BZ#734316)

All Thunderbird users should upgrade to this updated package, which
resolves this issue. All running instances of Thunderbird must be
restarted for the update to take effect.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.1 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.1 ppc64
  • Red Hat Enterprise Linux Server from RHUI 6 x86_64
  • Red Hat Enterprise Linux Server from RHUI 6 i386
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 734316 - Fraudulent certificates signed by DigiNotar CA certificate (MFSA 2011-34)

CVEs

(none)

References

Red Hat Enterprise Linux Server 6

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
x86_64
thunderbird-3.1.12-2.el6_1.x86_64.rpm SHA-256: d69d665545bed02ba6b0e02745d1537cf28354d64b1028aafebf66eff6c28c0f
thunderbird-debuginfo-3.1.12-2.el6_1.x86_64.rpm SHA-256: 5f14c1161d840418ccc0bab317eb8e482e6a0d8aee8ea2e552407f25a68fa878
i386
thunderbird-3.1.12-2.el6_1.i686.rpm SHA-256: 5c6541222d610eba4fd80c138848cfb5d91a0cdc112655d6660eb74dd7bbc4ef
thunderbird-debuginfo-3.1.12-2.el6_1.i686.rpm SHA-256: d76e933de1a906568e0cb30afb5d78fa6d45b0af2e42b8cfd01a8776f1c9050c

Red Hat Enterprise Linux Server 5

SRPM
thunderbird-2.0.0.24-24.el5.src.rpm SHA-256: d5dfb7d1ad770bcae1a65b52dee12aea47c59a8800106cb9c7bdea43efb43180
x86_64
thunderbird-2.0.0.24-24.el5.x86_64.rpm SHA-256: 35d8e05335c83ccf672a8ff0c5fc116054fd15173c57bf3af3818783a0e9f436
i386
thunderbird-2.0.0.24-24.el5.i386.rpm SHA-256: e026ded9b5249e69bb47cc136e1cd55b9a6643009e870200f56a5f8e7caf3dcd

Red Hat Enterprise Linux Server 4

SRPM
thunderbird-1.5.0.12-42.el4.src.rpm SHA-256: 1bae7262aaac325d5e04443c223c40fee60905bea7419eda5c61e35280919e41
x86_64
thunderbird-1.5.0.12-42.el4.x86_64.rpm SHA-256: 39408e00612f43de6721dcc62329f84c3d5bfb3039f893bfdf195382e8c47a2b
thunderbird-1.5.0.12-42.el4.x86_64.rpm SHA-256: 39408e00612f43de6721dcc62329f84c3d5bfb3039f893bfdf195382e8c47a2b
ia64
thunderbird-1.5.0.12-42.el4.ia64.rpm SHA-256: 115495e9652a930344a0ea0ea53f1f05030043088ca65bd47d6ec184202645e6
thunderbird-1.5.0.12-42.el4.ia64.rpm SHA-256: 115495e9652a930344a0ea0ea53f1f05030043088ca65bd47d6ec184202645e6
i386
thunderbird-1.5.0.12-42.el4.i386.rpm SHA-256: caf6dc2bd5cd4d5d60c45ffdaf1dbdce5c7161a0915cdd961d622ad7f798dfb0
thunderbird-1.5.0.12-42.el4.i386.rpm SHA-256: caf6dc2bd5cd4d5d60c45ffdaf1dbdce5c7161a0915cdd961d622ad7f798dfb0

Red Hat Enterprise Linux for x86_64 - Extended Update Support 6.1

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
x86_64
thunderbird-3.1.12-2.el6_1.x86_64.rpm SHA-256: d69d665545bed02ba6b0e02745d1537cf28354d64b1028aafebf66eff6c28c0f
thunderbird-debuginfo-3.1.12-2.el6_1.x86_64.rpm SHA-256: 5f14c1161d840418ccc0bab317eb8e482e6a0d8aee8ea2e552407f25a68fa878
i386
thunderbird-3.1.12-2.el6_1.i686.rpm SHA-256: 5c6541222d610eba4fd80c138848cfb5d91a0cdc112655d6660eb74dd7bbc4ef
thunderbird-debuginfo-3.1.12-2.el6_1.i686.rpm SHA-256: d76e933de1a906568e0cb30afb5d78fa6d45b0af2e42b8cfd01a8776f1c9050c

Red Hat Enterprise Linux Workstation 6

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
x86_64
thunderbird-3.1.12-2.el6_1.x86_64.rpm SHA-256: d69d665545bed02ba6b0e02745d1537cf28354d64b1028aafebf66eff6c28c0f
thunderbird-debuginfo-3.1.12-2.el6_1.x86_64.rpm SHA-256: 5f14c1161d840418ccc0bab317eb8e482e6a0d8aee8ea2e552407f25a68fa878
i386
thunderbird-3.1.12-2.el6_1.i686.rpm SHA-256: 5c6541222d610eba4fd80c138848cfb5d91a0cdc112655d6660eb74dd7bbc4ef
thunderbird-debuginfo-3.1.12-2.el6_1.i686.rpm SHA-256: d76e933de1a906568e0cb30afb5d78fa6d45b0af2e42b8cfd01a8776f1c9050c

Red Hat Enterprise Linux Workstation 5

SRPM
thunderbird-2.0.0.24-24.el5.src.rpm SHA-256: d5dfb7d1ad770bcae1a65b52dee12aea47c59a8800106cb9c7bdea43efb43180
x86_64
thunderbird-2.0.0.24-24.el5.x86_64.rpm SHA-256: 35d8e05335c83ccf672a8ff0c5fc116054fd15173c57bf3af3818783a0e9f436
i386
thunderbird-2.0.0.24-24.el5.i386.rpm SHA-256: e026ded9b5249e69bb47cc136e1cd55b9a6643009e870200f56a5f8e7caf3dcd

Red Hat Enterprise Linux Workstation 4

SRPM
thunderbird-1.5.0.12-42.el4.src.rpm SHA-256: 1bae7262aaac325d5e04443c223c40fee60905bea7419eda5c61e35280919e41
x86_64
thunderbird-1.5.0.12-42.el4.x86_64.rpm SHA-256: 39408e00612f43de6721dcc62329f84c3d5bfb3039f893bfdf195382e8c47a2b
ia64
thunderbird-1.5.0.12-42.el4.ia64.rpm SHA-256: 115495e9652a930344a0ea0ea53f1f05030043088ca65bd47d6ec184202645e6
i386
thunderbird-1.5.0.12-42.el4.i386.rpm SHA-256: caf6dc2bd5cd4d5d60c45ffdaf1dbdce5c7161a0915cdd961d622ad7f798dfb0

Red Hat Enterprise Linux Desktop 6

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
x86_64
thunderbird-3.1.12-2.el6_1.x86_64.rpm SHA-256: d69d665545bed02ba6b0e02745d1537cf28354d64b1028aafebf66eff6c28c0f
thunderbird-debuginfo-3.1.12-2.el6_1.x86_64.rpm SHA-256: 5f14c1161d840418ccc0bab317eb8e482e6a0d8aee8ea2e552407f25a68fa878
i386
thunderbird-3.1.12-2.el6_1.i686.rpm SHA-256: 5c6541222d610eba4fd80c138848cfb5d91a0cdc112655d6660eb74dd7bbc4ef
thunderbird-debuginfo-3.1.12-2.el6_1.i686.rpm SHA-256: d76e933de1a906568e0cb30afb5d78fa6d45b0af2e42b8cfd01a8776f1c9050c

Red Hat Enterprise Linux Desktop 5

SRPM
thunderbird-2.0.0.24-24.el5.src.rpm SHA-256: d5dfb7d1ad770bcae1a65b52dee12aea47c59a8800106cb9c7bdea43efb43180
x86_64
thunderbird-2.0.0.24-24.el5.x86_64.rpm SHA-256: 35d8e05335c83ccf672a8ff0c5fc116054fd15173c57bf3af3818783a0e9f436
i386
thunderbird-2.0.0.24-24.el5.i386.rpm SHA-256: e026ded9b5249e69bb47cc136e1cd55b9a6643009e870200f56a5f8e7caf3dcd

Red Hat Enterprise Linux Desktop 4

SRPM
thunderbird-1.5.0.12-42.el4.src.rpm SHA-256: 1bae7262aaac325d5e04443c223c40fee60905bea7419eda5c61e35280919e41
x86_64
thunderbird-1.5.0.12-42.el4.x86_64.rpm SHA-256: 39408e00612f43de6721dcc62329f84c3d5bfb3039f893bfdf195382e8c47a2b
i386
thunderbird-1.5.0.12-42.el4.i386.rpm SHA-256: caf6dc2bd5cd4d5d60c45ffdaf1dbdce5c7161a0915cdd961d622ad7f798dfb0

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
s390x
thunderbird-3.1.12-2.el6_1.s390x.rpm SHA-256: 43e194cbb5b82b3e63e9d53cd95f5e84607c3ab2237869e84b23dcf47ef56cce
thunderbird-debuginfo-3.1.12-2.el6_1.s390x.rpm SHA-256: 8973704fa7362c248b929e8909a6cb5ea547fa97af43ccf4acd4b9589012c7a8

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
thunderbird-1.5.0.12-42.el4.src.rpm SHA-256: 1bae7262aaac325d5e04443c223c40fee60905bea7419eda5c61e35280919e41
s390x
thunderbird-1.5.0.12-42.el4.s390x.rpm SHA-256: 06c9b3c855ff3538f3fc26bf5bf2d94b8725744e9f612f31d823ef3277fc53b4
s390
thunderbird-1.5.0.12-42.el4.s390.rpm SHA-256: 1dbe58d412dc380ec299668c1d7d8ccd48de7c0a256b62edc4ca4cae4cc0c41b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.1

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
s390x
thunderbird-3.1.12-2.el6_1.s390x.rpm SHA-256: 43e194cbb5b82b3e63e9d53cd95f5e84607c3ab2237869e84b23dcf47ef56cce
thunderbird-debuginfo-3.1.12-2.el6_1.s390x.rpm SHA-256: 8973704fa7362c248b929e8909a6cb5ea547fa97af43ccf4acd4b9589012c7a8

Red Hat Enterprise Linux for Power, big endian 6

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
ppc64
thunderbird-3.1.12-2.el6_1.ppc64.rpm SHA-256: f0e55a1444280055aa01eb151892d090cdb1fd17375b87ccf84733a3d3a58c2b
thunderbird-debuginfo-3.1.12-2.el6_1.ppc64.rpm SHA-256: 64b07efdfbd6c5c928d6c3521a042c2ae21e3f159287c0d864d2ee01203a5685

Red Hat Enterprise Linux for Power, big endian 4

SRPM
thunderbird-1.5.0.12-42.el4.src.rpm SHA-256: 1bae7262aaac325d5e04443c223c40fee60905bea7419eda5c61e35280919e41
ppc
thunderbird-1.5.0.12-42.el4.ppc.rpm SHA-256: dfb1da8f5907dcbdb3722cc9ada249a4d6a1f2aaf5410e12d79069dce9528a67

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.1

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
ppc64
thunderbird-3.1.12-2.el6_1.ppc64.rpm SHA-256: f0e55a1444280055aa01eb151892d090cdb1fd17375b87ccf84733a3d3a58c2b
thunderbird-debuginfo-3.1.12-2.el6_1.ppc64.rpm SHA-256: 64b07efdfbd6c5c928d6c3521a042c2ae21e3f159287c0d864d2ee01203a5685

Red Hat Enterprise Linux Server from RHUI 6

SRPM
thunderbird-3.1.12-2.el6_1.src.rpm SHA-256: 4dc852c633e97b79a9ab2a678b50a3584b906dcfa78bb5eab66dc622b289fb8f
x86_64
thunderbird-3.1.12-2.el6_1.x86_64.rpm SHA-256: d69d665545bed02ba6b0e02745d1537cf28354d64b1028aafebf66eff6c28c0f
thunderbird-debuginfo-3.1.12-2.el6_1.x86_64.rpm SHA-256: 5f14c1161d840418ccc0bab317eb8e482e6a0d8aee8ea2e552407f25a68fa878
i386
thunderbird-3.1.12-2.el6_1.i686.rpm SHA-256: 5c6541222d610eba4fd80c138848cfb5d91a0cdc112655d6660eb74dd7bbc4ef
thunderbird-debuginfo-3.1.12-2.el6_1.i686.rpm SHA-256: d76e933de1a906568e0cb30afb5d78fa6d45b0af2e42b8cfd01a8776f1c9050c

Red Hat Enterprise Linux Server from RHUI 5

SRPM
thunderbird-2.0.0.24-24.el5.src.rpm SHA-256: d5dfb7d1ad770bcae1a65b52dee12aea47c59a8800106cb9c7bdea43efb43180
x86_64
thunderbird-2.0.0.24-24.el5.x86_64.rpm SHA-256: 35d8e05335c83ccf672a8ff0c5fc116054fd15173c57bf3af3818783a0e9f436
i386
thunderbird-2.0.0.24-24.el5.i386.rpm SHA-256: e026ded9b5249e69bb47cc136e1cd55b9a6643009e870200f56a5f8e7caf3dcd

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.