概述
Important: thunderbird security update
类型/严重性
Security Advisory: Important
标题
An update for thunderbird is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
- firefox: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146 (CVE-2025-14333)
- firefox: Use-after-free in the WebRTC: Signaling component (CVE-2025-14321)
- firefox: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2025-14325)
- firefox: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component (CVE-2025-14322)
- firefox: Privilege escalation in the Netmonitor component (CVE-2025-14328)
- firefox: Privilege escalation in the Netmonitor component (CVE-2025-14329)
- firefox: Same-origin policy bypass in the Request Handling component (CVE-2025-14331)
- firefox: Privilege escalation in the DOM: Notifications component (CVE-2025-14323)
- firefox: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2025-14330)
- firefox: JIT miscompilation in the JavaScript Engine: JIT component (CVE-2025-14324)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x
-
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64
-
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64
-
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le
-
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x
修复
-
BZ - 2420502
- CVE-2025-14333 firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146
-
BZ - 2420503
- CVE-2025-14321 firefox: thunderbird: Use-after-free in the WebRTC: Signaling component
-
BZ - 2420504
- CVE-2025-14325 firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component
-
BZ - 2420506
- CVE-2025-14322 firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
-
BZ - 2420508
- CVE-2025-14328 firefox: thunderbird: Privilege escalation in the Netmonitor component
-
BZ - 2420509
- CVE-2025-14329 firefox: thunderbird: Privilege escalation in the Netmonitor component
-
BZ - 2420512
- CVE-2025-14331 firefox: thunderbird: Same-origin policy bypass in the Request Handling component
-
BZ - 2420513
- CVE-2025-14323 firefox: thunderbird: Privilege escalation in the DOM: Notifications component
-
BZ - 2420516
- CVE-2025-14330 firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component
-
BZ - 2420517
- CVE-2025-14324 firefox: thunderbird: JIT miscompilation in the JavaScript Engine: JIT component
备注:
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| x86_64 |
|
thunderbird-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: d53f934e5aa5fe14efc24ddd6defbb685327f5ae70253df1ff54d97130c05728 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 11f9ec725deff64499782a58930097e42b2a8eefd133ff5a0a96e7eca7836268 |
|
thunderbird-debugsource-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 89842014915b01890957abd6bddf291835e5e24a1cf84e5c4564efd27bcd8d46 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| x86_64 |
|
thunderbird-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: d53f934e5aa5fe14efc24ddd6defbb685327f5ae70253df1ff54d97130c05728 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 11f9ec725deff64499782a58930097e42b2a8eefd133ff5a0a96e7eca7836268 |
|
thunderbird-debugsource-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 89842014915b01890957abd6bddf291835e5e24a1cf84e5c4564efd27bcd8d46 |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| s390x |
|
thunderbird-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: e18e69e50f320efc1975f4094fb6a065894d24ff7583cdd0cd70ec9311e2afa6 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: acd425bb3824a156111e0036cc05d6c0b0665126f4ef296fb24e757eee3efc88 |
|
thunderbird-debugsource-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: d5d3eae06f159e0763e76c8f5add9db508bb140d57d960b389185677eb52468a |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| s390x |
|
thunderbird-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: e18e69e50f320efc1975f4094fb6a065894d24ff7583cdd0cd70ec9311e2afa6 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: acd425bb3824a156111e0036cc05d6c0b0665126f4ef296fb24e757eee3efc88 |
|
thunderbird-debugsource-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: d5d3eae06f159e0763e76c8f5add9db508bb140d57d960b389185677eb52468a |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| ppc64le |
|
thunderbird-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: 71f6558e2455a13332ca88dec7d228a90bc604b0bd1eca9c3e0199e1c4f96d66 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b7dd92328d033ab15512d1d75842ad82a2fe37d89033f24d286ea2018408bdb2 |
|
thunderbird-debugsource-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b5c508fba4f12b3e83423bd13a6002ff450d984e4f1e03431b489b566cb884c5 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| ppc64le |
|
thunderbird-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: 71f6558e2455a13332ca88dec7d228a90bc604b0bd1eca9c3e0199e1c4f96d66 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b7dd92328d033ab15512d1d75842ad82a2fe37d89033f24d286ea2018408bdb2 |
|
thunderbird-debugsource-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b5c508fba4f12b3e83423bd13a6002ff450d984e4f1e03431b489b566cb884c5 |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| aarch64 |
|
thunderbird-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 2eb1e55f2aa0e90cfde35638d2d0f6da6b7afd2d6d06505c29fbf3b5a4da67e5 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 8acc7267ba7d877f26fd014dba42cd137904f764555461dada72c8641cfead09 |
|
thunderbird-debugsource-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 6320472217e3d4a34d7bce2c8d031117fc64c063d943beb1658f3ab7c8b9b68f |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| aarch64 |
|
thunderbird-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 2eb1e55f2aa0e90cfde35638d2d0f6da6b7afd2d6d06505c29fbf3b5a4da67e5 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 8acc7267ba7d877f26fd014dba42cd137904f764555461dada72c8641cfead09 |
|
thunderbird-debugsource-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 6320472217e3d4a34d7bce2c8d031117fc64c063d943beb1658f3ab7c8b9b68f |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| ppc64le |
|
thunderbird-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: 71f6558e2455a13332ca88dec7d228a90bc604b0bd1eca9c3e0199e1c4f96d66 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b7dd92328d033ab15512d1d75842ad82a2fe37d89033f24d286ea2018408bdb2 |
|
thunderbird-debugsource-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b5c508fba4f12b3e83423bd13a6002ff450d984e4f1e03431b489b566cb884c5 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| x86_64 |
|
thunderbird-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: d53f934e5aa5fe14efc24ddd6defbb685327f5ae70253df1ff54d97130c05728 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 11f9ec725deff64499782a58930097e42b2a8eefd133ff5a0a96e7eca7836268 |
|
thunderbird-debugsource-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 89842014915b01890957abd6bddf291835e5e24a1cf84e5c4564efd27bcd8d46 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| aarch64 |
|
thunderbird-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 2eb1e55f2aa0e90cfde35638d2d0f6da6b7afd2d6d06505c29fbf3b5a4da67e5 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 8acc7267ba7d877f26fd014dba42cd137904f764555461dada72c8641cfead09 |
|
thunderbird-debugsource-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 6320472217e3d4a34d7bce2c8d031117fc64c063d943beb1658f3ab7c8b9b68f |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| s390x |
|
thunderbird-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: e18e69e50f320efc1975f4094fb6a065894d24ff7583cdd0cd70ec9311e2afa6 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: acd425bb3824a156111e0036cc05d6c0b0665126f4ef296fb24e757eee3efc88 |
|
thunderbird-debugsource-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: d5d3eae06f159e0763e76c8f5add9db508bb140d57d960b389185677eb52468a |
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| x86_64 |
|
thunderbird-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: d53f934e5aa5fe14efc24ddd6defbb685327f5ae70253df1ff54d97130c05728 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 11f9ec725deff64499782a58930097e42b2a8eefd133ff5a0a96e7eca7836268 |
|
thunderbird-debugsource-140.6.0-1.el9_7.x86_64.rpm
|
SHA-256: 89842014915b01890957abd6bddf291835e5e24a1cf84e5c4564efd27bcd8d46 |
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| aarch64 |
|
thunderbird-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 2eb1e55f2aa0e90cfde35638d2d0f6da6b7afd2d6d06505c29fbf3b5a4da67e5 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 8acc7267ba7d877f26fd014dba42cd137904f764555461dada72c8641cfead09 |
|
thunderbird-debugsource-140.6.0-1.el9_7.aarch64.rpm
|
SHA-256: 6320472217e3d4a34d7bce2c8d031117fc64c063d943beb1658f3ab7c8b9b68f |
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| ppc64le |
|
thunderbird-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: 71f6558e2455a13332ca88dec7d228a90bc604b0bd1eca9c3e0199e1c4f96d66 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b7dd92328d033ab15512d1d75842ad82a2fe37d89033f24d286ea2018408bdb2 |
|
thunderbird-debugsource-140.6.0-1.el9_7.ppc64le.rpm
|
SHA-256: b5c508fba4f12b3e83423bd13a6002ff450d984e4f1e03431b489b566cb884c5 |
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8
| SRPM |
|
thunderbird-140.6.0-1.el9_7.src.rpm
|
SHA-256: 2cf34e8610e5fa7261860f227464731acc3a779d3128ab4179a1e2063abaab89 |
| s390x |
|
thunderbird-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: e18e69e50f320efc1975f4094fb6a065894d24ff7583cdd0cd70ec9311e2afa6 |
|
thunderbird-debuginfo-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: acd425bb3824a156111e0036cc05d6c0b0665126f4ef296fb24e757eee3efc88 |
|
thunderbird-debugsource-140.6.0-1.el9_7.s390x.rpm
|
SHA-256: d5d3eae06f159e0763e76c8f5add9db508bb140d57d960b389185677eb52468a |
