Mozilla Thunderbird: Multiple vulnerabilities

Mozilla Thunderbird: Multiple vulnerabilities Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could lead to the execution of arbitrary code. mozilla,thunderbird 2018-11-24 2018-11-24 651862 656092 660342 669960 670102 remote 60.3.0 60.3.0 60.3.0 60.3.0

Mozilla Thunderbird is a popular open-source email client from the Mozilla project.

Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the referenced Mozilla Foundation Security Advisories and CVE identifiers below for details.

A remote attacker may be able to execute arbitrary code, cause a Denial of Service condition, obtain sensitive information, or conduct Cross-Site Request Forgery (CSRF).

There is no known workaround at this time.

All Thunderbird users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=mail-client/thunderbird-60.3.0"

All Thunderbird binary users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=mail-client/thunderbird-bin-60.3.0"

CVE-2017-16541 CVE-2018-12359 CVE-2018-12360 CVE-2018-12361 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12367 CVE-2018-12371 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12383 CVE-2018-12385 CVE-2018-12389 CVE-2018-12390 CVE-2018-12391 CVE-2018-12392 CVE-2018-12393 CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146 CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5156 CVE-2018-5159 CVE-2018-5161 CVE-2018-5162 CVE-2018-5168 CVE-2018-5170 CVE-2018-5178 CVE-2018-5183 CVE-2018-5184 CVE-2018-5185 CVE-2018-5187 CVE-2018-5188 whissi b-man