Red Hat Product Errata RHSA-2020:5162 - Security Advisory
Issued:
2020-11-23
Updated:
2020-11-23

RHSA-2020:5162 - Security Advisory

Synopsis

Important: thunderbird security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 78.4.3.

Security Fix(es):

  • Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 1896306 - CVE-2020-26950 Mozilla: Write side effects in MCallGetProperty opcode not accounted for

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2

SRPM
thunderbird-78.4.3-1.el8_2.src.rpm SHA-256: f6bdda68fa1fb95e61e5dc91e10d3cbce124067689abfe52a08434cfa536679a
x86_64
thunderbird-78.4.3-1.el8_2.x86_64.rpm SHA-256: b6ef0fadcd05d6854eaf34c70ce18350863a062033b04376f76ebb49322516fd
thunderbird-debuginfo-78.4.3-1.el8_2.x86_64.rpm SHA-256: 29a1bba52846b657d0dcddf4df75c88b9d047926ef711f6d48f52d08a8c9084b
thunderbird-debugsource-78.4.3-1.el8_2.x86_64.rpm SHA-256: 1575d05d72c62cddf644f12270d3b71ca6367779c5eac9e1a7d033b9928e48f4

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
thunderbird-78.4.3-1.el8_2.src.rpm SHA-256: f6bdda68fa1fb95e61e5dc91e10d3cbce124067689abfe52a08434cfa536679a
x86_64
thunderbird-78.4.3-1.el8_2.x86_64.rpm SHA-256: b6ef0fadcd05d6854eaf34c70ce18350863a062033b04376f76ebb49322516fd
thunderbird-debuginfo-78.4.3-1.el8_2.x86_64.rpm SHA-256: 29a1bba52846b657d0dcddf4df75c88b9d047926ef711f6d48f52d08a8c9084b
thunderbird-debugsource-78.4.3-1.el8_2.x86_64.rpm SHA-256: 1575d05d72c62cddf644f12270d3b71ca6367779c5eac9e1a7d033b9928e48f4

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2

SRPM
thunderbird-78.4.3-1.el8_2.src.rpm SHA-256: f6bdda68fa1fb95e61e5dc91e10d3cbce124067689abfe52a08434cfa536679a
ppc64le
thunderbird-78.4.3-1.el8_2.ppc64le.rpm SHA-256: 5d5dc7f874d7c19e44e32d058a078dafcfe3ed33ae3dd5c1b96a8f60fe0f9b22
thunderbird-debuginfo-78.4.3-1.el8_2.ppc64le.rpm SHA-256: dca1c30df980edd981aa8aab7003bfc50347a70afa6ca082ed69b44d8bd235e6
thunderbird-debugsource-78.4.3-1.el8_2.ppc64le.rpm SHA-256: 45da722da110d86ceef3bc0c32550e19eb4e01989dce6ae957349a01178e8658

Red Hat Enterprise Linux Server - TUS 8.2

SRPM
thunderbird-78.4.3-1.el8_2.src.rpm SHA-256: f6bdda68fa1fb95e61e5dc91e10d3cbce124067689abfe52a08434cfa536679a
x86_64
thunderbird-78.4.3-1.el8_2.x86_64.rpm SHA-256: b6ef0fadcd05d6854eaf34c70ce18350863a062033b04376f76ebb49322516fd
thunderbird-debuginfo-78.4.3-1.el8_2.x86_64.rpm SHA-256: 29a1bba52846b657d0dcddf4df75c88b9d047926ef711f6d48f52d08a8c9084b
thunderbird-debugsource-78.4.3-1.el8_2.x86_64.rpm SHA-256: 1575d05d72c62cddf644f12270d3b71ca6367779c5eac9e1a7d033b9928e48f4

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2

SRPM
thunderbird-78.4.3-1.el8_2.src.rpm SHA-256: f6bdda68fa1fb95e61e5dc91e10d3cbce124067689abfe52a08434cfa536679a
aarch64
thunderbird-78.4.3-1.el8_2.aarch64.rpm SHA-256: 4d10c6b956754781be5bd2c40ae8686c6e922270ffe5ee8859b15c5eef98e073
thunderbird-debuginfo-78.4.3-1.el8_2.aarch64.rpm SHA-256: 021bb825016c456cf8a9a2e0cd860104cda0991b76218853b9e6b1409949eda9
thunderbird-debugsource-78.4.3-1.el8_2.aarch64.rpm SHA-256: 6d39dd99a7a5b80bc9cbbb8e0c9ff9f7340e90bc44246e75432459a47713e24c

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM
thunderbird-78.4.3-1.el8_2.src.rpm SHA-256: f6bdda68fa1fb95e61e5dc91e10d3cbce124067689abfe52a08434cfa536679a
ppc64le
thunderbird-78.4.3-1.el8_2.ppc64le.rpm SHA-256: 5d5dc7f874d7c19e44e32d058a078dafcfe3ed33ae3dd5c1b96a8f60fe0f9b22
thunderbird-debuginfo-78.4.3-1.el8_2.ppc64le.rpm SHA-256: dca1c30df980edd981aa8aab7003bfc50347a70afa6ca082ed69b44d8bd235e6
thunderbird-debugsource-78.4.3-1.el8_2.ppc64le.rpm SHA-256: 45da722da110d86ceef3bc0c32550e19eb4e01989dce6ae957349a01178e8658

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM
thunderbird-78.4.3-1.el8_2.src.rpm SHA-256: f6bdda68fa1fb95e61e5dc91e10d3cbce124067689abfe52a08434cfa536679a
x86_64
thunderbird-78.4.3-1.el8_2.x86_64.rpm SHA-256: b6ef0fadcd05d6854eaf34c70ce18350863a062033b04376f76ebb49322516fd
thunderbird-debuginfo-78.4.3-1.el8_2.x86_64.rpm SHA-256: 29a1bba52846b657d0dcddf4df75c88b9d047926ef711f6d48f52d08a8c9084b
thunderbird-debugsource-78.4.3-1.el8_2.x86_64.rpm SHA-256: 1575d05d72c62cddf644f12270d3b71ca6367779c5eac9e1a7d033b9928e48f4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.