Test ID:	1.3.6.1.4.1.25623.1.1.10.2024.0006
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2024-0006)
Summary:	The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2024-0006 advisory.
Description:	Summary: The remote host is missing an update for the 'thunderbird, thunderbird-l10n' package(s) announced via the MGASA-2024-0006 advisory. Vulnerability Insight: The updated packages fix security vulnerabilities: Truncated signed text was shown with a valid OpenPGP signature. (CVE-2023-50762) S/MIME signature accepted despite mismatching message date. (CVE-2023-50761) Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver. (CVE-2023-6856) Symlinks may resolve to smaller than expected buffers. (CVE-2023-6857) Heap buffer overflow in nsTextFragment. (CVE-2023-6858) Use-after-free in PR_GetIdentitiesLayer. (CVE-2023-6859) Potential sandbox escape due to VideoBridge lack of texture validation. (CVE-2023-6860) Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode. (CVE-2023-6861) Use-after-free in nsDNSService. (CVE-2023-6862) Undefined behavior in ShutdownObserver(). (CVE-2023-6863) Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. (CVE-2023-6864) Affected Software/OS: 'thunderbird, thunderbird-l10n' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-50761 Debian Security Information: DSA-5582 (Google Search) https://www.debian.org/security/2023/dsa-5582 https://bugzilla.mozilla.org/show_bug.cgi?id=1865647 https://www.mozilla.org/security/advisories/mfsa2023-55/ https://lists.debian.org/debian-lts-announce/2023/12/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2023-50762 https://bugzilla.mozilla.org/show_bug.cgi?id=1862625 Common Vulnerability Exposure (CVE) ID: CVE-2023-6856 Debian Security Information: DSA-5581 (Google Search) https://www.debian.org/security/2023/dsa-5581 https://security.gentoo.org/glsa/202401-10 https://bugzilla.mozilla.org/show_bug.cgi?id=1843782 https://www.mozilla.org/security/advisories/mfsa2023-54/ https://www.mozilla.org/security/advisories/mfsa2023-56/ https://lists.debian.org/debian-lts-announce/2023/12/msg00020.html Common Vulnerability Exposure (CVE) ID: CVE-2023-6857 https://bugzilla.mozilla.org/show_bug.cgi?id=1796023 Common Vulnerability Exposure (CVE) ID: CVE-2023-6858 https://bugzilla.mozilla.org/show_bug.cgi?id=1826791 Common Vulnerability Exposure (CVE) ID: CVE-2023-6859 https://bugzilla.mozilla.org/show_bug.cgi?id=1840144 Common Vulnerability Exposure (CVE) ID: CVE-2023-6860 https://bugzilla.mozilla.org/show_bug.cgi?id=1854669 Common Vulnerability Exposure (CVE) ID: CVE-2023-6861 https://bugzilla.mozilla.org/show_bug.cgi?id=1864118 Common Vulnerability Exposure (CVE) ID: CVE-2023-6862 https://bugzilla.mozilla.org/show_bug.cgi?id=1868042 Common Vulnerability Exposure (CVE) ID: CVE-2023-6863 https://bugzilla.mozilla.org/show_bug.cgi?id=1868901 Common Vulnerability Exposure (CVE) ID: CVE-2023-6864 Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1736385%2C1810805%2C1846328%2C1856090%2C1858033%2C1858509%2C1862089%2C1862777%2C1864015
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.