概述
Important: thunderbird security update
类型/严重性
Security Advisory: Important
Red Hat Lightspeed patch analysis
标题
An update for thunderbird is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
- firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component (CVE-2025-9182)
- thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component (CVE-2025-9179)
- thunderbird: firefox: Same-origin policy bypass in the Graphics: Canvas2D component (CVE-2025-9180)
- thunderbird: firefox: Uninitialized memory in the JavaScript Engine component (CVE-2025-9181)
- thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142 (CVE-2025-9185)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
修复
-
BZ - 2389575
- CVE-2025-9182 firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component
-
BZ - 2389580
- CVE-2025-9179 thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component
-
BZ - 2389581
- CVE-2025-9180 thunderbird: firefox: Same-origin policy bypass in the Graphics: Canvas2D component
-
BZ - 2389583
- CVE-2025-9181 thunderbird: firefox: Uninitialized memory in the JavaScript Engine component
-
BZ - 2389584
- CVE-2025-9185 thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.27, Firefox ESR 128.14, Thunderbird ESR 128.14, Firefox ESR 140.2, Thunderbird ESR 140.2, Firefox 142 and Thunderbird 142
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| x86_64 |
|
thunderbird-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: 0488032f048fedbaf4279a7a711e54147a8d82c0c877a8faa8a4bb03cdef973b |
|
thunderbird-debuginfo-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: 51ba4586666e87e0ed3c7f5c3be2bf0e51b66de08963482080d6f9c266f69fe7 |
|
thunderbird-debugsource-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: d61dc245a97aa83c43f5547a5909ee2941f2df74c18b233bf2a48ea9b9db448e |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| x86_64 |
|
thunderbird-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: 0488032f048fedbaf4279a7a711e54147a8d82c0c877a8faa8a4bb03cdef973b |
|
thunderbird-debuginfo-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: 51ba4586666e87e0ed3c7f5c3be2bf0e51b66de08963482080d6f9c266f69fe7 |
|
thunderbird-debugsource-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: d61dc245a97aa83c43f5547a5909ee2941f2df74c18b233bf2a48ea9b9db448e |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| x86_64 |
|
thunderbird-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: 0488032f048fedbaf4279a7a711e54147a8d82c0c877a8faa8a4bb03cdef973b |
|
thunderbird-debuginfo-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: 51ba4586666e87e0ed3c7f5c3be2bf0e51b66de08963482080d6f9c266f69fe7 |
|
thunderbird-debugsource-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: d61dc245a97aa83c43f5547a5909ee2941f2df74c18b233bf2a48ea9b9db448e |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| s390x |
|
thunderbird-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: b02655bab07f5d06be7abca95e7809c48909d9ee3c9753ed35c2fca4f10b081d |
|
thunderbird-debuginfo-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: 522cd670fb4a60576ec91e523349c8e507db7c8c351e075fdb5b34351253c855 |
|
thunderbird-debugsource-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: dbac5db3d539aa665826eb44b7c32a56eb26bf2d9f7082bc6c444859f0fb8009 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| s390x |
|
thunderbird-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: b02655bab07f5d06be7abca95e7809c48909d9ee3c9753ed35c2fca4f10b081d |
|
thunderbird-debuginfo-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: 522cd670fb4a60576ec91e523349c8e507db7c8c351e075fdb5b34351253c855 |
|
thunderbird-debugsource-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: dbac5db3d539aa665826eb44b7c32a56eb26bf2d9f7082bc6c444859f0fb8009 |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| ppc64le |
|
thunderbird-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 77dea0236fcf9ae3b25e0f8bc322fd2f189e4b719d86164e04788197208e291a |
|
thunderbird-debuginfo-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 1e1465b40140d19e6076932c86676d740133b1f399fc546b23bc5e9759ad92d7 |
|
thunderbird-debugsource-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 7785dae2d45c5e828756dedf71c5ebe4dbe1b89b1a81877436f82b9be2217919 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| ppc64le |
|
thunderbird-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 77dea0236fcf9ae3b25e0f8bc322fd2f189e4b719d86164e04788197208e291a |
|
thunderbird-debuginfo-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 1e1465b40140d19e6076932c86676d740133b1f399fc546b23bc5e9759ad92d7 |
|
thunderbird-debugsource-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 7785dae2d45c5e828756dedf71c5ebe4dbe1b89b1a81877436f82b9be2217919 |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| aarch64 |
|
thunderbird-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: 7802d79d9ff529e5dbe9b73350b6a88208598b753620fc353a275786f3418167 |
|
thunderbird-debuginfo-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: b1ebc94904af2eb2d64e87e5a323a5f819c21aab9b470aae520bbc4ce3dc3a06 |
|
thunderbird-debugsource-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: 4944e3cf52bec26f6d871c3ea82e987d27b753425ebfff37222572f4b4961353 |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| aarch64 |
|
thunderbird-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: 7802d79d9ff529e5dbe9b73350b6a88208598b753620fc353a275786f3418167 |
|
thunderbird-debuginfo-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: b1ebc94904af2eb2d64e87e5a323a5f819c21aab9b470aae520bbc4ce3dc3a06 |
|
thunderbird-debugsource-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: 4944e3cf52bec26f6d871c3ea82e987d27b753425ebfff37222572f4b4961353 |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| ppc64le |
|
thunderbird-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 77dea0236fcf9ae3b25e0f8bc322fd2f189e4b719d86164e04788197208e291a |
|
thunderbird-debuginfo-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 1e1465b40140d19e6076932c86676d740133b1f399fc546b23bc5e9759ad92d7 |
|
thunderbird-debugsource-128.14.0-3.el9_6.ppc64le.rpm
|
SHA-256: 7785dae2d45c5e828756dedf71c5ebe4dbe1b89b1a81877436f82b9be2217919 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| x86_64 |
|
thunderbird-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: 0488032f048fedbaf4279a7a711e54147a8d82c0c877a8faa8a4bb03cdef973b |
|
thunderbird-debuginfo-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: 51ba4586666e87e0ed3c7f5c3be2bf0e51b66de08963482080d6f9c266f69fe7 |
|
thunderbird-debugsource-128.14.0-3.el9_6.x86_64.rpm
|
SHA-256: d61dc245a97aa83c43f5547a5909ee2941f2df74c18b233bf2a48ea9b9db448e |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| aarch64 |
|
thunderbird-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: 7802d79d9ff529e5dbe9b73350b6a88208598b753620fc353a275786f3418167 |
|
thunderbird-debuginfo-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: b1ebc94904af2eb2d64e87e5a323a5f819c21aab9b470aae520bbc4ce3dc3a06 |
|
thunderbird-debugsource-128.14.0-3.el9_6.aarch64.rpm
|
SHA-256: 4944e3cf52bec26f6d871c3ea82e987d27b753425ebfff37222572f4b4961353 |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
thunderbird-128.14.0-3.el9_6.src.rpm
|
SHA-256: b453e4383a69e9c2a40ed3d333e3c6aff8b9d78e8c4ece7ca634f9acccb59a2e |
| s390x |
|
thunderbird-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: b02655bab07f5d06be7abca95e7809c48909d9ee3c9753ed35c2fca4f10b081d |
|
thunderbird-debuginfo-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: 522cd670fb4a60576ec91e523349c8e507db7c8c351e075fdb5b34351253c855 |
|
thunderbird-debugsource-128.14.0-3.el9_6.s390x.rpm
|
SHA-256: dbac5db3d539aa665826eb44b7c32a56eb26bf2d9f7082bc6c444859f0fb8009 |
