Red Hat Product Errata RHSA-2024:5392 - Security Advisory
Issued:
2024-08-14
Updated:
2024-08-14

RHSA-2024:5392 - Security Advisory

Synopsis

Important: thunderbird security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for thunderbird is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mozilla Thunderbird is a standalone mail and newsgroup client.

Security Fix(es):

  • EMBARGOED Thunderbird: 115.14/128.1 ()
  • mozilla: Fullscreen notification dialog can be obscured by document content (CVE-2024-7518)
  • mozilla: Out of bounds memory access in graphics shared memory handling (CVE-2024-7519)
  • mozilla: Type confusion in WebAssembly (CVE-2024-7520)
  • mozilla: Incomplete WebAssembly exception handing (CVE-2024-7521)
  • mozilla: Out of bounds read in editor component (CVE-2024-7522)
  • mozilla: Missing permission check when creating a StreamFilter (CVE-2024-7525)
  • mozilla: Uninitialized memory used by WebGL (CVE-2024-7526)
  • mozilla: Use-after-free in JavaScript garbage collection (CVE-2024-7527)
  • mozilla: Use-after-free in IndexedDB (CVE-2024-7528)
  • mozilla: Document content could partially obscure security prompts (CVE-2024-7529)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

(none)

Red Hat Enterprise Linux for x86_64 9

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
x86_64
thunderbird-115.14.0-1.el9_4.x86_64.rpm SHA-256: e04c2e6ca3b4b66cd87e7e9187634cf0306c6238651e113ab52bdc486e59fac9
thunderbird-debuginfo-115.14.0-1.el9_4.x86_64.rpm SHA-256: 777c65433fa7efb9fd331c8a1c0d557ac90787d51917c7dcc003bea2a72e13d9
thunderbird-debugsource-115.14.0-1.el9_4.x86_64.rpm SHA-256: 48a352bfaca408a40f4c8fcf9490647b74b2e6bf2d6466c6c5b1fc2ae07fc8f1

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
x86_64
thunderbird-115.14.0-1.el9_4.x86_64.rpm SHA-256: e04c2e6ca3b4b66cd87e7e9187634cf0306c6238651e113ab52bdc486e59fac9
thunderbird-debuginfo-115.14.0-1.el9_4.x86_64.rpm SHA-256: 777c65433fa7efb9fd331c8a1c0d557ac90787d51917c7dcc003bea2a72e13d9
thunderbird-debugsource-115.14.0-1.el9_4.x86_64.rpm SHA-256: 48a352bfaca408a40f4c8fcf9490647b74b2e6bf2d6466c6c5b1fc2ae07fc8f1

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
x86_64
thunderbird-115.14.0-1.el9_4.x86_64.rpm SHA-256: e04c2e6ca3b4b66cd87e7e9187634cf0306c6238651e113ab52bdc486e59fac9
thunderbird-debuginfo-115.14.0-1.el9_4.x86_64.rpm SHA-256: 777c65433fa7efb9fd331c8a1c0d557ac90787d51917c7dcc003bea2a72e13d9
thunderbird-debugsource-115.14.0-1.el9_4.x86_64.rpm SHA-256: 48a352bfaca408a40f4c8fcf9490647b74b2e6bf2d6466c6c5b1fc2ae07fc8f1

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
x86_64
thunderbird-115.14.0-1.el9_4.x86_64.rpm SHA-256: e04c2e6ca3b4b66cd87e7e9187634cf0306c6238651e113ab52bdc486e59fac9
thunderbird-debuginfo-115.14.0-1.el9_4.x86_64.rpm SHA-256: 777c65433fa7efb9fd331c8a1c0d557ac90787d51917c7dcc003bea2a72e13d9
thunderbird-debugsource-115.14.0-1.el9_4.x86_64.rpm SHA-256: 48a352bfaca408a40f4c8fcf9490647b74b2e6bf2d6466c6c5b1fc2ae07fc8f1

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
x86_64
thunderbird-115.14.0-1.el9_4.x86_64.rpm SHA-256: e04c2e6ca3b4b66cd87e7e9187634cf0306c6238651e113ab52bdc486e59fac9
thunderbird-debuginfo-115.14.0-1.el9_4.x86_64.rpm SHA-256: 777c65433fa7efb9fd331c8a1c0d557ac90787d51917c7dcc003bea2a72e13d9
thunderbird-debugsource-115.14.0-1.el9_4.x86_64.rpm SHA-256: 48a352bfaca408a40f4c8fcf9490647b74b2e6bf2d6466c6c5b1fc2ae07fc8f1

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
s390x
thunderbird-115.14.0-1.el9_4.s390x.rpm SHA-256: 235d9792fa44d8410499774ff1109084795ff597cd00ae10c7a51694153b538f
thunderbird-debuginfo-115.14.0-1.el9_4.s390x.rpm SHA-256: 9c5581851e418d1784a38ab1c0d7f6e3bab664a291a394dacf80e415b9baa329
thunderbird-debugsource-115.14.0-1.el9_4.s390x.rpm SHA-256: f8e9448e4342ac99e673f4667eb4ba7d0bdc44838bbcb0c8dc02d0beea4cb3b7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
s390x
thunderbird-115.14.0-1.el9_4.s390x.rpm SHA-256: 235d9792fa44d8410499774ff1109084795ff597cd00ae10c7a51694153b538f
thunderbird-debuginfo-115.14.0-1.el9_4.s390x.rpm SHA-256: 9c5581851e418d1784a38ab1c0d7f6e3bab664a291a394dacf80e415b9baa329
thunderbird-debugsource-115.14.0-1.el9_4.s390x.rpm SHA-256: f8e9448e4342ac99e673f4667eb4ba7d0bdc44838bbcb0c8dc02d0beea4cb3b7

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
s390x
thunderbird-115.14.0-1.el9_4.s390x.rpm SHA-256: 235d9792fa44d8410499774ff1109084795ff597cd00ae10c7a51694153b538f
thunderbird-debuginfo-115.14.0-1.el9_4.s390x.rpm SHA-256: 9c5581851e418d1784a38ab1c0d7f6e3bab664a291a394dacf80e415b9baa329
thunderbird-debugsource-115.14.0-1.el9_4.s390x.rpm SHA-256: f8e9448e4342ac99e673f4667eb4ba7d0bdc44838bbcb0c8dc02d0beea4cb3b7

Red Hat Enterprise Linux for Power, little endian 9

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
ppc64le
thunderbird-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 6a72ec31cdf551a37d801e2c089672571217ed253c7d65c87ee447cc4ea1d3b6
thunderbird-debuginfo-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 35c1adb67bb47bc5e727c3aa7f9b8d47f9469cb1d804c64282753aac1f6f4a11
thunderbird-debugsource-115.14.0-1.el9_4.ppc64le.rpm SHA-256: dd03e161433561ef5dc3b9ec2eff3db32d803675901b8917875e085bf2386e49

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
ppc64le
thunderbird-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 6a72ec31cdf551a37d801e2c089672571217ed253c7d65c87ee447cc4ea1d3b6
thunderbird-debuginfo-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 35c1adb67bb47bc5e727c3aa7f9b8d47f9469cb1d804c64282753aac1f6f4a11
thunderbird-debugsource-115.14.0-1.el9_4.ppc64le.rpm SHA-256: dd03e161433561ef5dc3b9ec2eff3db32d803675901b8917875e085bf2386e49

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
ppc64le
thunderbird-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 6a72ec31cdf551a37d801e2c089672571217ed253c7d65c87ee447cc4ea1d3b6
thunderbird-debuginfo-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 35c1adb67bb47bc5e727c3aa7f9b8d47f9469cb1d804c64282753aac1f6f4a11
thunderbird-debugsource-115.14.0-1.el9_4.ppc64le.rpm SHA-256: dd03e161433561ef5dc3b9ec2eff3db32d803675901b8917875e085bf2386e49

Red Hat Enterprise Linux for ARM 64 9

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
aarch64
thunderbird-115.14.0-1.el9_4.aarch64.rpm SHA-256: b78304565b000307536e55d46356a2b16edff9bac2cf285d92a0479b08661e86
thunderbird-debuginfo-115.14.0-1.el9_4.aarch64.rpm SHA-256: 52c502af637852e70ca27b17dc2d710883896ac113fb0e816706e7a799f8c36a
thunderbird-debugsource-115.14.0-1.el9_4.aarch64.rpm SHA-256: f80fd6fa4850ed186e98bc3b2f5cfa86512c5c3db16466bbf5f95c36a2bb8b53

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
aarch64
thunderbird-115.14.0-1.el9_4.aarch64.rpm SHA-256: b78304565b000307536e55d46356a2b16edff9bac2cf285d92a0479b08661e86
thunderbird-debuginfo-115.14.0-1.el9_4.aarch64.rpm SHA-256: 52c502af637852e70ca27b17dc2d710883896ac113fb0e816706e7a799f8c36a
thunderbird-debugsource-115.14.0-1.el9_4.aarch64.rpm SHA-256: f80fd6fa4850ed186e98bc3b2f5cfa86512c5c3db16466bbf5f95c36a2bb8b53

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
aarch64
thunderbird-115.14.0-1.el9_4.aarch64.rpm SHA-256: b78304565b000307536e55d46356a2b16edff9bac2cf285d92a0479b08661e86
thunderbird-debuginfo-115.14.0-1.el9_4.aarch64.rpm SHA-256: 52c502af637852e70ca27b17dc2d710883896ac113fb0e816706e7a799f8c36a
thunderbird-debugsource-115.14.0-1.el9_4.aarch64.rpm SHA-256: f80fd6fa4850ed186e98bc3b2f5cfa86512c5c3db16466bbf5f95c36a2bb8b53

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
ppc64le
thunderbird-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 6a72ec31cdf551a37d801e2c089672571217ed253c7d65c87ee447cc4ea1d3b6
thunderbird-debuginfo-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 35c1adb67bb47bc5e727c3aa7f9b8d47f9469cb1d804c64282753aac1f6f4a11
thunderbird-debugsource-115.14.0-1.el9_4.ppc64le.rpm SHA-256: dd03e161433561ef5dc3b9ec2eff3db32d803675901b8917875e085bf2386e49

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
ppc64le
thunderbird-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 6a72ec31cdf551a37d801e2c089672571217ed253c7d65c87ee447cc4ea1d3b6
thunderbird-debuginfo-115.14.0-1.el9_4.ppc64le.rpm SHA-256: 35c1adb67bb47bc5e727c3aa7f9b8d47f9469cb1d804c64282753aac1f6f4a11
thunderbird-debugsource-115.14.0-1.el9_4.ppc64le.rpm SHA-256: dd03e161433561ef5dc3b9ec2eff3db32d803675901b8917875e085bf2386e49

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
x86_64
thunderbird-115.14.0-1.el9_4.x86_64.rpm SHA-256: e04c2e6ca3b4b66cd87e7e9187634cf0306c6238651e113ab52bdc486e59fac9
thunderbird-debuginfo-115.14.0-1.el9_4.x86_64.rpm SHA-256: 777c65433fa7efb9fd331c8a1c0d557ac90787d51917c7dcc003bea2a72e13d9
thunderbird-debugsource-115.14.0-1.el9_4.x86_64.rpm SHA-256: 48a352bfaca408a40f4c8fcf9490647b74b2e6bf2d6466c6c5b1fc2ae07fc8f1

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
x86_64
thunderbird-115.14.0-1.el9_4.x86_64.rpm SHA-256: e04c2e6ca3b4b66cd87e7e9187634cf0306c6238651e113ab52bdc486e59fac9
thunderbird-debuginfo-115.14.0-1.el9_4.x86_64.rpm SHA-256: 777c65433fa7efb9fd331c8a1c0d557ac90787d51917c7dcc003bea2a72e13d9
thunderbird-debugsource-115.14.0-1.el9_4.x86_64.rpm SHA-256: 48a352bfaca408a40f4c8fcf9490647b74b2e6bf2d6466c6c5b1fc2ae07fc8f1

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
aarch64
thunderbird-115.14.0-1.el9_4.aarch64.rpm SHA-256: b78304565b000307536e55d46356a2b16edff9bac2cf285d92a0479b08661e86
thunderbird-debuginfo-115.14.0-1.el9_4.aarch64.rpm SHA-256: 52c502af637852e70ca27b17dc2d710883896ac113fb0e816706e7a799f8c36a
thunderbird-debugsource-115.14.0-1.el9_4.aarch64.rpm SHA-256: f80fd6fa4850ed186e98bc3b2f5cfa86512c5c3db16466bbf5f95c36a2bb8b53

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
aarch64
thunderbird-115.14.0-1.el9_4.aarch64.rpm SHA-256: b78304565b000307536e55d46356a2b16edff9bac2cf285d92a0479b08661e86
thunderbird-debuginfo-115.14.0-1.el9_4.aarch64.rpm SHA-256: 52c502af637852e70ca27b17dc2d710883896ac113fb0e816706e7a799f8c36a
thunderbird-debugsource-115.14.0-1.el9_4.aarch64.rpm SHA-256: f80fd6fa4850ed186e98bc3b2f5cfa86512c5c3db16466bbf5f95c36a2bb8b53

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
s390x
thunderbird-115.14.0-1.el9_4.s390x.rpm SHA-256: 235d9792fa44d8410499774ff1109084795ff597cd00ae10c7a51694153b538f
thunderbird-debuginfo-115.14.0-1.el9_4.s390x.rpm SHA-256: 9c5581851e418d1784a38ab1c0d7f6e3bab664a291a394dacf80e415b9baa329
thunderbird-debugsource-115.14.0-1.el9_4.s390x.rpm SHA-256: f8e9448e4342ac99e673f4667eb4ba7d0bdc44838bbcb0c8dc02d0beea4cb3b7

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
thunderbird-115.14.0-1.el9_4.src.rpm SHA-256: 37b658628155759799c1139d8e3e1654ddf0b5fd5cbd6e1a3f9e3c76b6ebfb38
s390x
thunderbird-115.14.0-1.el9_4.s390x.rpm SHA-256: 235d9792fa44d8410499774ff1109084795ff597cd00ae10c7a51694153b538f
thunderbird-debuginfo-115.14.0-1.el9_4.s390x.rpm SHA-256: 9c5581851e418d1784a38ab1c0d7f6e3bab664a291a394dacf80e415b9baa329
thunderbird-debugsource-115.14.0-1.el9_4.s390x.rpm SHA-256: f8e9448e4342ac99e673f4667eb4ba7d0bdc44838bbcb0c8dc02d0beea4cb3b7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.