概述
Important: thunderbird security update
类型/严重性
Security Advisory: Important
Red Hat Lightspeed patch analysis
标题
An update for thunderbird is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
- thunderbird: User Interface (UI) Misrepresentation of attachment URL (CVE-2025-3523)
- thunderbird: Information Disclosure of /tmp directory listing (CVE-2025-2830)
- thunderbird: Leak of hashed Window credentials via crafted attachment URL (CVE-2025-3522)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
修复
-
BZ - 2359786
- CVE-2025-3523 thunderbird: User Interface (UI) Misrepresentation of attachment URL
-
BZ - 2359789
- CVE-2025-2830 thunderbird: Information Disclosure of /tmp directory listing
-
BZ - 2359793
- CVE-2025-3522 thunderbird: Leak of hashed Window credentials via crafted attachment URL
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| x86_64 |
|
thunderbird-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: f1165ad6bf98af093c36fd308e2d05b46cba37f104987d66b95af61209903c44 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: 1710169308980936efa1940cf58a28e00942e68e945f3cd44d00ad6cfca1454c |
|
thunderbird-debugsource-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: 4213887939c6fbefe67bf94f18c2bf78b61fe7110de81863504bee8878152770 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| x86_64 |
|
thunderbird-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: f1165ad6bf98af093c36fd308e2d05b46cba37f104987d66b95af61209903c44 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: 1710169308980936efa1940cf58a28e00942e68e945f3cd44d00ad6cfca1454c |
|
thunderbird-debugsource-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: 4213887939c6fbefe67bf94f18c2bf78b61fe7110de81863504bee8878152770 |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| x86_64 |
|
thunderbird-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: f1165ad6bf98af093c36fd308e2d05b46cba37f104987d66b95af61209903c44 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: 1710169308980936efa1940cf58a28e00942e68e945f3cd44d00ad6cfca1454c |
|
thunderbird-debugsource-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: 4213887939c6fbefe67bf94f18c2bf78b61fe7110de81863504bee8878152770 |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| s390x |
|
thunderbird-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: 2c726c96cc21a63f0f5eb811d1549357185559a461af0a3d8908b5853bf41c3d |
|
thunderbird-debuginfo-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: ed860e114abdca222688a74cd37de31ebfa99ec29b22f8bd0d5b715cad65509d |
|
thunderbird-debugsource-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: 804ea73a64f34965c97e6b60e2166087cdb214eff5a8258d38a902e69998c71f |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| s390x |
|
thunderbird-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: 2c726c96cc21a63f0f5eb811d1549357185559a461af0a3d8908b5853bf41c3d |
|
thunderbird-debuginfo-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: ed860e114abdca222688a74cd37de31ebfa99ec29b22f8bd0d5b715cad65509d |
|
thunderbird-debugsource-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: 804ea73a64f34965c97e6b60e2166087cdb214eff5a8258d38a902e69998c71f |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| ppc64le |
|
thunderbird-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: 578b915c407bd7a6f166522ed2c6351d3ba25d974f1c76b24875a76e275e5c07 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: f8e29660312c74e34e2b35982d6188cc6dabe2eb60ff2ac23df9103dfe4b5296 |
|
thunderbird-debugsource-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: c4919231ec11c18f8598fc844d05a914e1c3f82a30bfff612bbf0b2e96847ccc |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| ppc64le |
|
thunderbird-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: 578b915c407bd7a6f166522ed2c6351d3ba25d974f1c76b24875a76e275e5c07 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: f8e29660312c74e34e2b35982d6188cc6dabe2eb60ff2ac23df9103dfe4b5296 |
|
thunderbird-debugsource-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: c4919231ec11c18f8598fc844d05a914e1c3f82a30bfff612bbf0b2e96847ccc |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| aarch64 |
|
thunderbird-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: cc3906eee7f9cf9843d3bcf9b306dd0f2e5ba0de425ddd08f8b99ac805374436 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: c2cb680342ea4dc83dbb4134531e494e2fa0df2a769a54b543e6309935cd0193 |
|
thunderbird-debugsource-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: 3201971cd3fd7cb4508429440c22cd2abbe3df2a91ea719330f8a5c17db0ac7c |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| aarch64 |
|
thunderbird-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: cc3906eee7f9cf9843d3bcf9b306dd0f2e5ba0de425ddd08f8b99ac805374436 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: c2cb680342ea4dc83dbb4134531e494e2fa0df2a769a54b543e6309935cd0193 |
|
thunderbird-debugsource-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: 3201971cd3fd7cb4508429440c22cd2abbe3df2a91ea719330f8a5c17db0ac7c |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| ppc64le |
|
thunderbird-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: 578b915c407bd7a6f166522ed2c6351d3ba25d974f1c76b24875a76e275e5c07 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: f8e29660312c74e34e2b35982d6188cc6dabe2eb60ff2ac23df9103dfe4b5296 |
|
thunderbird-debugsource-128.9.2-1.el9_5.ppc64le.rpm
|
SHA-256: c4919231ec11c18f8598fc844d05a914e1c3f82a30bfff612bbf0b2e96847ccc |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| x86_64 |
|
thunderbird-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: f1165ad6bf98af093c36fd308e2d05b46cba37f104987d66b95af61209903c44 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: 1710169308980936efa1940cf58a28e00942e68e945f3cd44d00ad6cfca1454c |
|
thunderbird-debugsource-128.9.2-1.el9_5.x86_64.rpm
|
SHA-256: 4213887939c6fbefe67bf94f18c2bf78b61fe7110de81863504bee8878152770 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| aarch64 |
|
thunderbird-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: cc3906eee7f9cf9843d3bcf9b306dd0f2e5ba0de425ddd08f8b99ac805374436 |
|
thunderbird-debuginfo-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: c2cb680342ea4dc83dbb4134531e494e2fa0df2a769a54b543e6309935cd0193 |
|
thunderbird-debugsource-128.9.2-1.el9_5.aarch64.rpm
|
SHA-256: 3201971cd3fd7cb4508429440c22cd2abbe3df2a91ea719330f8a5c17db0ac7c |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
thunderbird-128.9.2-1.el9_5.src.rpm
|
SHA-256: a890b6f8cc2186da5ded024839b441ad5ba7ac6c85f3a7022c1c1c32341dbf2c |
| s390x |
|
thunderbird-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: 2c726c96cc21a63f0f5eb811d1549357185559a461af0a3d8908b5853bf41c3d |
|
thunderbird-debuginfo-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: ed860e114abdca222688a74cd37de31ebfa99ec29b22f8bd0d5b715cad65509d |
|
thunderbird-debugsource-128.9.2-1.el9_5.s390x.rpm
|
SHA-256: 804ea73a64f34965c97e6b60e2166087cdb214eff5a8258d38a902e69998c71f |
