概述
Important: thunderbird security update
类型/严重性
Security Advisory: Important
Red Hat Lightspeed patch analysis
标题
An update for thunderbird is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
- thunderbird: User Interface (UI) Misrepresentation of attachment URL (CVE-2025-3523)
- thunderbird: Information Disclosure of /tmp directory listing (CVE-2025-2830)
- thunderbird: Leak of hashed Window credentials via crafted attachment URL (CVE-2025-3522)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 9 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
-
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 9 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
-
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
-
Red Hat Enterprise Linux for ARM 64 9 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
-
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
-
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
修复
-
BZ - 2359786
- CVE-2025-3523 thunderbird: User Interface (UI) Misrepresentation of attachment URL
-
BZ - 2359789
- CVE-2025-2830 thunderbird: Information Disclosure of /tmp directory listing
-
BZ - 2359793
- CVE-2025-3522 thunderbird: Leak of hashed Window credentials via crafted attachment URL
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 9
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| x86_64 |
|
thunderbird-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: dcef3786f9b058ff129a776bdf4f3dec298f4439c4e55a3a1c92fcf4d745609d |
|
thunderbird-debuginfo-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: 9af6fd09d478e66341763757d5cf49386c38bd16ad3659331500fbc2399e0789 |
|
thunderbird-debugsource-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e3a56de4741144a2ed86770c103df11b129b6c7a671811ccf60525f71ea5be34 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| x86_64 |
|
thunderbird-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: dcef3786f9b058ff129a776bdf4f3dec298f4439c4e55a3a1c92fcf4d745609d |
|
thunderbird-debuginfo-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: 9af6fd09d478e66341763757d5cf49386c38bd16ad3659331500fbc2399e0789 |
|
thunderbird-debugsource-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e3a56de4741144a2ed86770c103df11b129b6c7a671811ccf60525f71ea5be34 |
Red Hat Enterprise Linux Server - AUS 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| x86_64 |
|
thunderbird-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: dcef3786f9b058ff129a776bdf4f3dec298f4439c4e55a3a1c92fcf4d745609d |
|
thunderbird-debuginfo-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: 9af6fd09d478e66341763757d5cf49386c38bd16ad3659331500fbc2399e0789 |
|
thunderbird-debugsource-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e3a56de4741144a2ed86770c103df11b129b6c7a671811ccf60525f71ea5be34 |
Red Hat Enterprise Linux for IBM z Systems 9
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| s390x |
|
thunderbird-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 40eee92a92fcee0911e5edf3ce417678ae6890e6e0321a714a48a57d92c0076b |
|
thunderbird-debuginfo-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 9951a9ea500d47cdc8c59fecf2d26ae3f7fb79792e978a9a00756fdddf315802 |
|
thunderbird-debugsource-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 4a9f84e12df68b660dc5b68b8eda39ba42ebca6910cdfccb7553f1c9ee52e969 |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| s390x |
|
thunderbird-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 40eee92a92fcee0911e5edf3ce417678ae6890e6e0321a714a48a57d92c0076b |
|
thunderbird-debuginfo-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 9951a9ea500d47cdc8c59fecf2d26ae3f7fb79792e978a9a00756fdddf315802 |
|
thunderbird-debugsource-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 4a9f84e12df68b660dc5b68b8eda39ba42ebca6910cdfccb7553f1c9ee52e969 |
Red Hat Enterprise Linux for Power, little endian 9
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| ppc64le |
|
thunderbird-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 9f39eb2eaa8c8e2750fc178fb8efaa171682318e6c257d07a3ee6f286020c5a7 |
|
thunderbird-debuginfo-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 16efddd3efb87725b92c93f93b9d98c804f06d2f71b30025fb4c65495a6fc64f |
|
thunderbird-debugsource-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: e8cd7d17cf32516ba25d6db94b1655cf0a15915a87672e8d9afa3f781301ebe9 |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| ppc64le |
|
thunderbird-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 9f39eb2eaa8c8e2750fc178fb8efaa171682318e6c257d07a3ee6f286020c5a7 |
|
thunderbird-debuginfo-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 16efddd3efb87725b92c93f93b9d98c804f06d2f71b30025fb4c65495a6fc64f |
|
thunderbird-debugsource-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: e8cd7d17cf32516ba25d6db94b1655cf0a15915a87672e8d9afa3f781301ebe9 |
Red Hat Enterprise Linux for ARM 64 9
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| aarch64 |
|
thunderbird-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: dc865eaa250b8f35bb68ee6909fd85a96162922de101d6efa18a4158fbb0fa20 |
|
thunderbird-debuginfo-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 1c3e4c859741d7b9e1a137fd6677d0fbf4ce3e3dbd64db5cfe308759d05aeaaa |
|
thunderbird-debugsource-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 2ec5630253b49bdf5c246ca0e975c2187a24ad684fc131feb9da5d3367d47f7a |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| aarch64 |
|
thunderbird-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: dc865eaa250b8f35bb68ee6909fd85a96162922de101d6efa18a4158fbb0fa20 |
|
thunderbird-debuginfo-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 1c3e4c859741d7b9e1a137fd6677d0fbf4ce3e3dbd64db5cfe308759d05aeaaa |
|
thunderbird-debugsource-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 2ec5630253b49bdf5c246ca0e975c2187a24ad684fc131feb9da5d3367d47f7a |
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| ppc64le |
|
thunderbird-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 9f39eb2eaa8c8e2750fc178fb8efaa171682318e6c257d07a3ee6f286020c5a7 |
|
thunderbird-debuginfo-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: 16efddd3efb87725b92c93f93b9d98c804f06d2f71b30025fb4c65495a6fc64f |
|
thunderbird-debugsource-128.10.0-1.el9_6.ppc64le.rpm
|
SHA-256: e8cd7d17cf32516ba25d6db94b1655cf0a15915a87672e8d9afa3f781301ebe9 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| x86_64 |
|
thunderbird-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: dcef3786f9b058ff129a776bdf4f3dec298f4439c4e55a3a1c92fcf4d745609d |
|
thunderbird-debuginfo-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: 9af6fd09d478e66341763757d5cf49386c38bd16ad3659331500fbc2399e0789 |
|
thunderbird-debugsource-128.10.0-1.el9_6.x86_64.rpm
|
SHA-256: e3a56de4741144a2ed86770c103df11b129b6c7a671811ccf60525f71ea5be34 |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| aarch64 |
|
thunderbird-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: dc865eaa250b8f35bb68ee6909fd85a96162922de101d6efa18a4158fbb0fa20 |
|
thunderbird-debuginfo-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 1c3e4c859741d7b9e1a137fd6677d0fbf4ce3e3dbd64db5cfe308759d05aeaaa |
|
thunderbird-debugsource-128.10.0-1.el9_6.aarch64.rpm
|
SHA-256: 2ec5630253b49bdf5c246ca0e975c2187a24ad684fc131feb9da5d3367d47f7a |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6
| SRPM |
|
thunderbird-128.10.0-1.el9_6.src.rpm
|
SHA-256: 326e5ca3eaa73f1908df8262c5a243999939a03439d98a4e5f77e1324171c3ae |
| s390x |
|
thunderbird-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 40eee92a92fcee0911e5edf3ce417678ae6890e6e0321a714a48a57d92c0076b |
|
thunderbird-debuginfo-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 9951a9ea500d47cdc8c59fecf2d26ae3f7fb79792e978a9a00756fdddf315802 |
|
thunderbird-debugsource-128.10.0-1.el9_6.s390x.rpm
|
SHA-256: 4a9f84e12df68b660dc5b68b8eda39ba42ebca6910cdfccb7553f1c9ee52e969 |
