概述
Important: thunderbird security update
类型/严重性
Security Advisory: Important
标题
An update for thunderbird is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
描述
Mozilla Thunderbird is a standalone mail and newsgroup client.
Security Fix(es):
- firefox: thunderbird: Out-of-bounds access when resolving Promise objects (CVE-2025-4918)
- firefox: thunderbird: Out-of-bounds access when optimizing linear sums (CVE-2025-4919)
- firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267)
- firefox: thunderbird: Potential local code execution in ?Copy as cURL? command (CVE-2025-5264)
- firefox: thunderbird: Memory safety bugs (CVE-2025-5268)
- firefox: thunderbird: Script element events leaked cross-origin resource status (CVE-2025-5266)
- firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content (CVE-2025-5263)
- firefox: thunderbird: Memory safety bug (CVE-2025-5269)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
受影响的产品
-
Red Hat Enterprise Linux for x86_64 10 x86_64
-
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
-
Red Hat Enterprise Linux for IBM z Systems 10 s390x
-
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
-
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
-
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
-
Red Hat Enterprise Linux for ARM 64 10 aarch64
-
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
-
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
-
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
-
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
-
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64
修复
-
BZ - 2367016
- CVE-2025-4918 firefox: thunderbird: Out-of-bounds access when resolving Promise objects
-
BZ - 2367018
- CVE-2025-4919 firefox: thunderbird: Out-of-bounds access when optimizing linear sums
-
BZ - 2368750
- CVE-2025-5267 firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details
-
BZ - 2368751
- CVE-2025-5264 firefox: thunderbird: Potential local code execution in ?Copy as cURL? command
-
BZ - 2368752
- CVE-2025-5268 firefox: thunderbird: Memory safety bugs
-
BZ - 2368755
- CVE-2025-5266 firefox: thunderbird: Script element events leaked cross-origin resource status
-
BZ - 2368756
- CVE-2025-5263 firefox: thunderbird: Error handling for script execution was incorrectly isolated from web content
-
BZ - 2368757
- CVE-2025-5269 firefox: thunderbird: Memory safety bug
注::
可能有这些软件包的更新版本。
点击软件包名称查看详情。
Red Hat Enterprise Linux for x86_64 10
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| x86_64 |
|
thunderbird-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: 5b6cae17250d52212e40f74dda2269525c23203d63c2daf861e62ae7efe22858 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: 277926c657fb5506ca0362c4d3384bb09e7e3582298ed82db36690462853ce64 |
|
thunderbird-debugsource-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: c43a8532a611842a3a802af499926b273081c8ad296e6f54fd9fc6dc72b1d63c |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| x86_64 |
|
thunderbird-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: 5b6cae17250d52212e40f74dda2269525c23203d63c2daf861e62ae7efe22858 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: 277926c657fb5506ca0362c4d3384bb09e7e3582298ed82db36690462853ce64 |
|
thunderbird-debugsource-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: c43a8532a611842a3a802af499926b273081c8ad296e6f54fd9fc6dc72b1d63c |
Red Hat Enterprise Linux for IBM z Systems 10
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| s390x |
|
thunderbird-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: b58e7551f24e80de42cc3e6ca90da85b96c729279f155e0a90ef030e692813dc |
|
thunderbird-debuginfo-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: 07951c9f265d2ae568828cb06bddbf639dca32b301fe29e57530507974b9a0a0 |
|
thunderbird-debugsource-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: bce18e9d13652c02c793d91956615c8c4e01035fbdf8d6d1c5d926f12c4423df |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| s390x |
|
thunderbird-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: b58e7551f24e80de42cc3e6ca90da85b96c729279f155e0a90ef030e692813dc |
|
thunderbird-debuginfo-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: 07951c9f265d2ae568828cb06bddbf639dca32b301fe29e57530507974b9a0a0 |
|
thunderbird-debugsource-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: bce18e9d13652c02c793d91956615c8c4e01035fbdf8d6d1c5d926f12c4423df |
Red Hat Enterprise Linux for Power, little endian 10
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| ppc64le |
|
thunderbird-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: 839866643817294be68346bbbced844d97d00fe3c239fe4ddb4801a69a9bbc47 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: 750bc79779303c40d3f48198ef28ef848d1144c45ec94b33e8c1e90470f5b45f |
|
thunderbird-debugsource-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: caccb7361d0d57cf7e56d15cac2aa8e955237b47b7201843cf4ca76cf6058a3c |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| ppc64le |
|
thunderbird-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: 839866643817294be68346bbbced844d97d00fe3c239fe4ddb4801a69a9bbc47 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: 750bc79779303c40d3f48198ef28ef848d1144c45ec94b33e8c1e90470f5b45f |
|
thunderbird-debugsource-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: caccb7361d0d57cf7e56d15cac2aa8e955237b47b7201843cf4ca76cf6058a3c |
Red Hat Enterprise Linux for ARM 64 10
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| aarch64 |
|
thunderbird-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: f23d0f3e95e00a98a7c578ad4247b30aaaec8d3f4c91b286ea70937f1e9169c0 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: 0e4482ba83d4b6c4760a79d7f0696c21048d9f8300f9186ff1106a876ff41fb6 |
|
thunderbird-debugsource-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: ef008e8470eeb9128d354cbff3bb5b9a1761cbebaa5a874feecd7628b55bb99e |
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| aarch64 |
|
thunderbird-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: f23d0f3e95e00a98a7c578ad4247b30aaaec8d3f4c91b286ea70937f1e9169c0 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: 0e4482ba83d4b6c4760a79d7f0696c21048d9f8300f9186ff1106a876ff41fb6 |
|
thunderbird-debugsource-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: ef008e8470eeb9128d354cbff3bb5b9a1761cbebaa5a874feecd7628b55bb99e |
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| aarch64 |
|
thunderbird-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: f23d0f3e95e00a98a7c578ad4247b30aaaec8d3f4c91b286ea70937f1e9169c0 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: 0e4482ba83d4b6c4760a79d7f0696c21048d9f8300f9186ff1106a876ff41fb6 |
|
thunderbird-debugsource-128.11.0-1.el10_0.aarch64.rpm
|
SHA-256: ef008e8470eeb9128d354cbff3bb5b9a1761cbebaa5a874feecd7628b55bb99e |
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| s390x |
|
thunderbird-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: b58e7551f24e80de42cc3e6ca90da85b96c729279f155e0a90ef030e692813dc |
|
thunderbird-debuginfo-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: 07951c9f265d2ae568828cb06bddbf639dca32b301fe29e57530507974b9a0a0 |
|
thunderbird-debugsource-128.11.0-1.el10_0.s390x.rpm
|
SHA-256: bce18e9d13652c02c793d91956615c8c4e01035fbdf8d6d1c5d926f12c4423df |
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| ppc64le |
|
thunderbird-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: 839866643817294be68346bbbced844d97d00fe3c239fe4ddb4801a69a9bbc47 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: 750bc79779303c40d3f48198ef28ef848d1144c45ec94b33e8c1e90470f5b45f |
|
thunderbird-debugsource-128.11.0-1.el10_0.ppc64le.rpm
|
SHA-256: caccb7361d0d57cf7e56d15cac2aa8e955237b47b7201843cf4ca76cf6058a3c |
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0
| SRPM |
|
thunderbird-128.11.0-1.el10_0.src.rpm
|
SHA-256: 58d1bf8110655b5892d938968a8cd3039d7dacbe78d2585607d439041fc1790b |
| x86_64 |
|
thunderbird-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: 5b6cae17250d52212e40f74dda2269525c23203d63c2daf861e62ae7efe22858 |
|
thunderbird-debuginfo-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: 277926c657fb5506ca0362c4d3384bb09e7e3582298ed82db36690462853ce64 |
|
thunderbird-debugsource-128.11.0-1.el10_0.x86_64.rpm
|
SHA-256: c43a8532a611842a3a802af499926b273081c8ad296e6f54fd9fc6dc72b1d63c |
